· 6 years ago · Oct 22, 2019, 10:04 PM
1{"jsonVersion":4,"lang":"en","serverUUID":"","serverName":"localhost","family":"centos","release":"7.7.1908","container":{"containerID":"","name":"","image":"","type":"","uuid":""},"image":{"name":"","tag":""},"platform":{"name":"other","instanceID":""},"ipv4Addrs":["10.0.2.15","172.17.0.1"],"scannedAt":"2019-10-15T14:36:45.947124167Z","scanMode":"fast mode","scannedVersion":"v0.9.0","scannedRevision":"build-20190918_144319_45bff26","scannedBy":"5153764bdde8","scannedVia":"remote","scannedIpv4Addrs":["172.17.0.2"],"reportedAt":"2019-10-15T14:38:22.425093646Z","reportedVersion":"v0.9.0","reportedRevision":"build-20190918_144319_45bff26","reportedBy":"04ba177f642b","errors":[],"warnings":[],"scannedCves":{"CVE-2009-5155":{"cveID":"CVE-2009-5155","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"glibc","notFixedYet":true,"fixState":"Affected"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2009-5155","title":"GNU C Library におけるデータ処理に関する脆弱性","summary":"GNU C Library (別名 glibc および libc6) には、データ処理に関する脆弱性が存在します。","cvss2Score":5,"cvss2Vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","cvss2Severity":"Medium","cvss3Score":7.5,"cvss3Vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3Severity":"High","sourceLink":"https://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-006629.html","references":[{"source":"CVE","link":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-5155","refID":""},{"source":"NVD","link":"https://nvd.nist.gov/vuln/detail/CVE-2009-5155","refID":""},{"source":"","link":"https://cwe.mitre.org/data/definitions/19.html","refID":""}],"published":"2019-04-01T17:26:00+09:00","lastModified":"2019-04-01T17:26:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2009-5155","title":"","summary":"In the GNU C Library (aka glibc or libc6) before 2.28, parse_reg_exp in posix/regcomp.c misparses alternatives, which allows attackers to cause a denial of service (assertion failure and application exit) or trigger an incorrect result by attempting a regular-expression match.","cvss2Score":5,"cvss2Vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","cvss2Severity":"MEDIUM","cvss3Score":7.5,"cvss3Vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3Severity":"HIGH","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2009-5155","references":[{"source":"","link":"http://git.savannah.gnu.org/cgit/gnulib.git/commit/?id=5513b40999149090987a0341c018d05d3eea1272","refID":""},{"source":"","link":"https://debbugs.gnu.org/cgi/bugreport.cgi?bug=22793","refID":""},{"source":"","link":"https://debbugs.gnu.org/cgi/bugreport.cgi?bug=32806","refID":""},{"source":"","link":"https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34238","refID":""},{"source":"","link":"https://security.netapp.com/advisory/ntap-20190315-0002/","refID":""},{"source":"","link":"https://sourceware.org/bugzilla/show_bug.cgi?id=11053","refID":""},{"source":"","link":"https://sourceware.org/bugzilla/show_bug.cgi?id=18986","refID":""},{"source":"","link":"https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=eb04c21373e2a2885f3d52ff192b0499afe3c672","refID":""},{"source":"","link":"https://support.f5.com/csp/article/K64119434","refID":""}],"cweIDs":["CWE-19"],"published":"2019-02-26T02:29:00Z","lastModified":"2019-03-25T17:29:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2009-5155","title":"CVE-2009-5155 glibc: parse_reg_exp in posix/regcomp.c misparses alternatives leading to denial of service or trigger incorrect result","summary":"In the GNU C Library (aka glibc or libc6) before 2.28, parse_reg_exp in posix/regcomp.c misparses alternatives, which allows attackers to cause a denial of service (assertion failure and application exit) or trigger an incorrect result by attempting a regular-expression match.","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":7.5,"cvss3Vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3Severity":"Moderate","sourceLink":"https://access.redhat.com/security/cve/CVE-2009-5155","cweIDs":["CWE-20","CWE-185"],"published":"2019-03-20T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":""}},"alertDict":{"ja":null,"en":null}},"CVE-2012-6711":{"cveID":"CVE-2012-6711","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"bash","notFixedYet":true,"fixState":"Affected"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2012-6711","title":"GNU Bash におけるバッファエラーの脆弱性","summary":"GNU Bash には、バッファエラーの脆弱性が存在します。","cvss2Score":4.6,"cvss2Vector":"AV:L/AC:L/Au:N/C:P/I:P/A:P","cvss2Severity":"Medium","cvss3Score":7.8,"cvss3Vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3Severity":"High","sourceLink":"https://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-006411.html","references":[{"source":"CVE","link":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6711","refID":""},{"source":"NVD","link":"https://nvd.nist.gov/vuln/detail/CVE-2012-6711","refID":""},{"source":"","link":"https://jvndb.jvn.jp/ja/cwe/CWE-119.html","refID":""}],"published":"2019-06-24T14:32:00+09:00","lastModified":"2019-06-24T14:32:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2012-6711","title":"","summary":"A heap-based buffer overflow exists in GNU Bash before 4.3 when wide characters, not supported by the current locale set in the LC_CTYPE environment variable, are printed through the echo built-in function. A local attacker, who can provide data to print through the \"echo -e\" built-in function, may use this flaw to crash a script or execute code with the privileges of the bash process. This occurs because ansicstr() in lib/sh/strtrans.c mishandles u32cconv().","cvss2Score":4.6,"cvss2Vector":"AV:L/AC:L/Au:N/C:P/I:P/A:P","cvss2Severity":"MEDIUM","cvss3Score":7.8,"cvss3Vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3Severity":"HIGH","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2012-6711","references":[{"source":"","link":"http://git.savannah.gnu.org/cgit/bash.git/commit/?h=devel\u0026id=863d31ae775d56b785dc5b0105b6d251515d81d5","refID":""},{"source":"","link":"http://www.securityfocus.com/bid/108824","refID":""},{"source":"","link":"https://bugzilla.redhat.com/show_bug.cgi?id=1721071","refID":""}],"cweIDs":["CWE-119"],"published":"2019-06-18T18:15:00Z","lastModified":"2019-06-20T09:15:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2012-6711","title":"CVE-2012-6711 bash: heap-based buffer overflow during echo of unsupported characters","summary":"A heap-based buffer overflow exists in GNU Bash before 4.3 when wide characters, not supported by the current locale set in the LC_CTYPE environment variable, are printed through the echo built-in function. A local attacker, who can provide data to print through the \"echo -e\" built-in function, may use this flaw to crash a script or execute code with the privileges of the bash process. This occurs because ansicstr() in lib/sh/strtrans.c mishandles u32cconv().\nA heap-based buffer overflow was discovered in bash when wide characters, not supported by the current locale set in LC_CTYPE environment variable, are printed through the echo built-in function. A local attacker, who can provide data to print through the `echo -e` built-in function, may use this flaw to crash a script or execute code with the privileges of the bash process.","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":7,"cvss3Vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3Severity":"Moderate","sourceLink":"https://access.redhat.com/security/cve/CVE-2012-6711","cweIDs":["CWE-122"],"published":"2019-06-18T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":""}},"alertDict":{"ja":null,"en":null}},"CVE-2013-4125":{"cveID":"CVE-2013-4125","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"kernel","notFixedYet":true,"fixState":"Affected"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2013-4125","title":"Linux Kernel の IPv6 スタックの net/ipv6/ip6_fib.c におけるサービス運用妨害 (DoS) の脆弱性","summary":"Linux Kernel の IPv6 スタックの net/ipv6/ip6_fib.c 内の fib6_add_rt2node 関数は、一緒に設定された 2 つの ECMP (等コストマルチパス) ルートの内の 1 つに変更が発生した場合に、ルータ広告 (Router Advertisement、RA) メッセージを適切に処理しないため、サービス運用妨害 (システムクラッシュ) 状態にされる脆弱性が存在します。","cvss2Score":5.4,"cvss2Vector":"AV:N/AC:H/Au:N/C:N/I:N/A:C","cvss2Severity":"Medium","cvss3Score":0,"cvss3Vector":"","cvss3Severity":"","sourceLink":"https://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-003360.html","references":[{"source":"CVE","link":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4125","refID":""},{"source":"NVD","link":"http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4125","refID":""},{"source":"","link":"https://jvndb.jvn.jp/ja/cwe/CWE-399.html","refID":""}],"published":"2013-07-17T20:42:00+09:00","lastModified":"2013-07-17T20:42:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2013-4125","title":"","summary":"The fib6_add_rt2node function in net/ipv6/ip6_fib.c in the IPv6 stack in the Linux kernel through 3.10.1 does not properly handle Router Advertisement (RA) messages in certain circumstances involving three routes that initially qualified for membership in an ECMP route set until a change occurred for one of the first two routes, which allows remote attackers to cause a denial of service (system crash) via a crafted sequence of messages.","cvss2Score":5.4,"cvss2Vector":"AV:N/AC:H/Au:N/C:N/I:N/A:C","cvss2Severity":"MEDIUM","cvss3Score":0,"cvss3Vector":"","cvss3Severity":"","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2013-4125","references":[{"source":"","link":"http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=307f2fb95e9b96b3577916e73d92e104f8f26494","refID":""},{"source":"","link":"http://lists.fedoraproject.org/pipermail/package-announce/2013-July/112454.html","refID":""},{"source":"","link":"http://lists.fedoraproject.org/pipermail/package-announce/2013-July/112619.html","refID":""},{"source":"","link":"http://www.openwall.com/lists/oss-security/2013/07/15/4","refID":""},{"source":"","link":"http://www.securityfocus.com/bid/61166","refID":""},{"source":"","link":"http://www.securitytracker.com/id/1028780","refID":""},{"source":"","link":"https://bugzilla.redhat.com/show_bug.cgi?id=984664","refID":""},{"source":"","link":"https://exchange.xforce.ibmcloud.com/vulnerabilities/85645","refID":""},{"source":"","link":"https://github.com/torvalds/linux/commit/307f2fb95e9b96b3577916e73d92e104f8f26494","refID":""}],"cweIDs":["CWE-399"],"published":"2013-07-15T20:55:00Z","lastModified":"2017-08-29T01:33:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2013-4125","title":"CVE-2013-4125 kernel: ipv6: BUG_ON in fib6_add_rt2node()","summary":"The fib6_add_rt2node function in net/ipv6/ip6_fib.c in the IPv6 stack in the Linux kernel through 3.10.1 does not properly handle Router Advertisement (RA) messages in certain circumstances involving three routes that initially qualified for membership in an ECMP route set until a change occurred for one of the first two routes, which allows remote attackers to cause a denial of service (system crash) via a crafted sequence of messages.","cvss2Score":7.1,"cvss2Vector":"AV:N/AC:M/Au:N/C:N/I:N/A:C","cvss2Severity":"Important","cvss3Score":0,"cvss3Vector":"","cvss3Severity":"","sourceLink":"https://access.redhat.com/security/cve/CVE-2013-4125","published":"2013-07-15T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":""}},"alertDict":{"ja":null,"en":null}},"CVE-2013-7353":{"cveID":"CVE-2013-7353","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"libpng","notFixedYet":true,"fixState":"Fix deferred"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2013-7353","title":"libpng の libpng/pngset.c 内の png_set_unknown_chunks 関数における整数オーバーフローの脆弱性","summary":"libpng の libpng/pngset.c 内の png_set_unknown_chunks 関数には、整数オーバーフローの脆弱性が存在します。","cvss2Score":5,"cvss2Vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","cvss2Severity":"Medium","cvss3Score":0,"cvss3Vector":"","cvss3Severity":"","sourceLink":"https://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-006403.html","references":[{"source":"CVE","link":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7353","refID":""},{"source":"NVD","link":"http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7353","refID":""},{"source":"","link":"https://jvndb.jvn.jp/ja/cwe/CWE-189.html","refID":""}],"published":"2014-05-08T15:20:00+09:00","lastModified":"2014-05-08T15:20:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2013-7353","title":"","summary":"Integer overflow in the png_set_unknown_chunks function in libpng/pngset.c in libpng before 1.5.14beta08 allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a crafted image, which triggers a heap-based buffer overflow.","cvss2Score":5,"cvss2Vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","cvss2Severity":"MEDIUM","cvss3Score":0,"cvss3Vector":"","cvss3Severity":"","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2013-7353","references":[{"source":"","link":"http://lists.opensuse.org/opensuse-updates/2014-05/msg00015.html","refID":""},{"source":"","link":"http://seclists.org/oss-sec/2014/q2/83","refID":""},{"source":"","link":"http://sourceforge.net/p/libpng/bugs/199/","refID":""},{"source":"","link":"http://www.securityfocus.com/bid/67345","refID":""}],"cweIDs":["CWE-189"],"published":"2014-05-06T14:55:00Z","lastModified":"2016-12-31T02:59:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2013-7353","title":"CVE-2013-7353 libpng: integer overflow leading to a heap-based buffer overflow in png_set_unknown_chunks()","summary":"Integer overflow in the png_set_unknown_chunks function in libpng/pngset.c in libpng before 1.5.14beta08 allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a crafted image, which triggers a heap-based buffer overflow.","cvss2Score":5.1,"cvss2Vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","cvss2Severity":"Moderate","cvss3Score":0,"cvss3Vector":"","cvss3Severity":"","sourceLink":"https://access.redhat.com/security/cve/CVE-2013-7353","cweIDs":["CWE-190","CWE-122"],"published":"2014-04-11T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":""}},"alertDict":{"ja":null,"en":null}},"CVE-2013-7354":{"cveID":"CVE-2013-7354","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"libpng","notFixedYet":true,"fixState":"Fix deferred"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2013-7354","title":"libpng における整数オーバーフローの脆弱性","summary":"libpng には、整数オーバーフローの脆弱性が存在します。","cvss2Score":5,"cvss2Vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","cvss2Severity":"Medium","cvss3Score":0,"cvss3Vector":"","cvss3Severity":"","sourceLink":"https://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-006404.html","references":[{"source":"CVE","link":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7354","refID":""},{"source":"NVD","link":"http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7354","refID":""},{"source":"","link":"https://jvndb.jvn.jp/ja/cwe/CWE-189.html","refID":""}],"published":"2014-05-08T15:37:00+09:00","lastModified":"2014-05-08T15:37:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2013-7354","title":"","summary":"Multiple integer overflows in libpng before 1.5.14rc03 allow remote attackers to cause a denial of service (crash) via a crafted image to the (1) png_set_sPLT or (2) png_set_text_2 function, which triggers a heap-based buffer overflow.","cvss2Score":5,"cvss2Vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","cvss2Severity":"MEDIUM","cvss3Score":0,"cvss3Vector":"","cvss3Severity":"","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2013-7354","references":[{"source":"","link":"http://lists.opensuse.org/opensuse-updates/2014-05/msg00015.html","refID":""},{"source":"","link":"http://seclists.org/oss-sec/2014/q2/83","refID":""},{"source":"","link":"http://sourceforge.net/p/libpng/bugs/199/","refID":""},{"source":"","link":"http://www.securityfocus.com/bid/67344","refID":""}],"cweIDs":["CWE-189"],"published":"2014-05-06T14:55:00Z","lastModified":"2016-12-31T02:59:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2013-7354","title":"CVE-2013-7354 libpng: integer overflow leading to a heap-based buffer overflow in png_set_sPLT() and png_set_text_2()","summary":"Multiple integer overflows in libpng before 1.5.14rc03 allow remote attackers to cause a denial of service (crash) via a crafted image to the (1) png_set_sPLT or (2) png_set_text_2 function, which triggers a heap-based buffer overflow.","cvss2Score":5.1,"cvss2Vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","cvss2Severity":"Moderate","cvss3Score":0,"cvss3Vector":"","cvss3Severity":"","sourceLink":"https://access.redhat.com/security/cve/CVE-2013-7354","cweIDs":["CWE-190","CWE-122"],"published":"2014-04-11T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":""}},"alertDict":{"ja":null,"en":null}},"CVE-2014-3591":{"cveID":"CVE-2014-3591","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"gnupg2","notFixedYet":true,"fixState":"Fix deferred"},{"name":"libgcrypt","notFixedYet":true,"fixState":"Fix deferred"}],"cveContents":{"redhat_api":{"type":"redhat_api","cveID":"CVE-2014-3591","title":"CVE-2014-3591 libgcrypt: use ciphertext blinding for Elgamal decryption (new side-channel attack)","summary":"No description is available for this CVE.","cvss2Score":1.2,"cvss2Vector":"AV:L/AC:H/Au:N/C:P/I:N/A:N","cvss2Severity":"Low","cvss3Score":0,"cvss3Vector":"","cvss3Severity":"","sourceLink":"https://access.redhat.com/security/cve/CVE-2014-3591","published":"2015-02-27T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":""}},"alertDict":{"ja":null,"en":null}},"CVE-2014-4043":{"cveID":"CVE-2014-4043","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"glibc","notFixedYet":true,"fixState":"Fix deferred"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2014-4043","title":"GNU C Library の posix_spawn_file_actions_addopen 関数における解放済みメモリの使用を誘発される脆弱性","summary":"GNU C Library (別名 glibc) の posix_spawn_file_actions_addopen 関数は、POSIX 規格に従って path 引数をコピーしないため、解放済みメモリの使用 (Use-after-free) を誘発される脆弱性が存在します。","cvss2Score":7.5,"cvss2Vector":"AV:N/AC:L/Au:N/C:P/I:P/A:P","cvss2Severity":"High","cvss3Score":0,"cvss3Vector":"","cvss3Severity":"","sourceLink":"https://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-004568.html","references":[{"source":"CVE","link":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4043","refID":""},{"source":"NVD","link":"http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4043","refID":""},{"source":"","link":"https://jvndb.jvn.jp/ja/cwe/CWE-94.html","refID":""}],"published":"2014-10-08T18:09:00+09:00","lastModified":"2014-10-08T18:09:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2014-4043","title":"","summary":"The posix_spawn_file_actions_addopen function in glibc before 2.20 does not copy its path argument in accordance with the POSIX specification, which allows context-dependent attackers to trigger use-after-free vulnerabilities.","cvss2Score":7.5,"cvss2Vector":"AV:N/AC:L/Au:N/C:P/I:P/A:P","cvss2Severity":"HIGH","cvss3Score":0,"cvss3Vector":"","cvss3Severity":"","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2014-4043","references":[{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00012.html","refID":""},{"source":"","link":"http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html","refID":""},{"source":"","link":"http://seclists.org/fulldisclosure/2019/Jun/18","refID":""},{"source":"","link":"http://www.mandriva.com/security/advisories?name=MDVSA-2014:152","refID":""},{"source":"","link":"http://www.securityfocus.com/bid/68006","refID":""},{"source":"","link":"https://bugzilla.redhat.com/show_bug.cgi?id=1109263","refID":""},{"source":"","link":"https://exchange.xforce.ibmcloud.com/vulnerabilities/93784","refID":""},{"source":"","link":"https://seclists.org/bugtraq/2019/Jun/14","refID":""},{"source":"","link":"https://security.gentoo.org/glsa/201503-04","refID":""},{"source":"","link":"https://sourceware.org/bugzilla/show_bug.cgi?id=17048","refID":""},{"source":"","link":"https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=blobdiff;f=ChangeLog;h=3020b9ac232315df362521aeaf85f21cb9926db8;hp=d86e73963dd9fb5e21b1a28326630337226812aa;hb=89e435f3559c53084498e9baad22172b64429362;hpb=c3a2ebe1f7541cc35937621e08c28ff88afd0845","refID":""},{"source":"","link":"https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=blobdiff;f=posix/spawn_faction_addopen.c;h=40800b8e6e81341501c0fb8a91009529e2048dec;hp=47f62425b696a4fdd511b2a057746322eb6518db;hb=89e435f3559c53084498e9baad22172b64429362;hpb=c3a2ebe1f7541cc35937621e08c28ff88afd0845","refID":""},{"source":"","link":"https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=89e435f3559c53084498e9baad22172b64429362","refID":""}],"cweIDs":["CWE-94"],"published":"2014-10-06T23:55:00Z","lastModified":"2019-06-13T21:29:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2014-4043","title":"CVE-2014-4043 glibc: posix_spawn_file_actions_addopen fails to copy the path argument","summary":"The posix_spawn_file_actions_addopen function in glibc before 2.20 does not copy its path argument in accordance with the POSIX specification, which allows context-dependent attackers to trigger use-after-free vulnerabilities.","cvss2Score":1,"cvss2Vector":"AV:L/AC:H/Au:S/C:P/I:N/A:N","cvss2Severity":"Low","cvss3Score":0,"cvss3Vector":"","cvss3Severity":"","sourceLink":"https://access.redhat.com/security/cve/CVE-2014-4043","references":[{"source":"","link":"https://sourceware.org/bugzilla/show_bug.cgi?id=17048","refID":""}],"published":"2014-06-11T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":""}},"alertDict":{"ja":null,"en":null}},"CVE-2014-4617":{"cveID":"CVE-2014-4617","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"gnupg2","notFixedYet":true,"fixState":"Fix deferred"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2014-4617","title":"GnuPG の g10/compress.c の do_uncompress 関数におけるサービス運用妨害 (DoS) の脆弱性","summary":"GnuPG の g10/compress.c の do_uncompress 関数には、サービス運用妨害 (無限ループ) 状態にされる脆弱性が存在します。","cvss2Score":5,"cvss2Vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","cvss2Severity":"Medium","cvss3Score":0,"cvss3Vector":"","cvss3Severity":"","sourceLink":"https://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-003031.html","references":[{"source":"CVE","link":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4617","refID":""},{"source":"NVD","link":"http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4617","refID":""},{"source":"","link":"https://jvndb.jvn.jp/ja/cwe/CWE-20.html","refID":""}],"published":"2014-06-26T11:31:00+09:00","lastModified":"2015-06-19T16:43:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2014-4617","title":"","summary":"The do_uncompress function in g10/compress.c in GnuPG 1.x before 1.4.17 and 2.x before 2.0.24 allows context-dependent attackers to cause a denial of service (infinite loop) via malformed compressed packets, as demonstrated by an a3 01 5b ff byte sequence.","cvss2Score":5,"cvss2Vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","cvss2Severity":"MEDIUM","cvss3Score":0,"cvss3Vector":"","cvss3Severity":"","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2014-4617","references":[{"source":"","link":"http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=014b2103fcb12f261135e3954f26e9e07b39e342","refID":""},{"source":"","link":"http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=11fdfcf82bd8d2b5bc38292a29876e10770f4b0a","refID":""},{"source":"","link":"http://lists.gnupg.org/pipermail/gnupg-announce/2014q2/000344.html","refID":""},{"source":"","link":"http://lists.gnupg.org/pipermail/gnupg-announce/2014q2/000345.html","refID":""},{"source":"","link":"http://lists.opensuse.org/opensuse-updates/2014-07/msg00010.html","refID":""},{"source":"","link":"http://secunia.com/advisories/59213","refID":""},{"source":"","link":"http://secunia.com/advisories/59351","refID":""},{"source":"","link":"http://secunia.com/advisories/59534","refID":""},{"source":"","link":"http://secunia.com/advisories/59578","refID":""},{"source":"","link":"http://www.debian.org/security/2014/dsa-2967","refID":""},{"source":"","link":"http://www.debian.org/security/2014/dsa-2968","refID":""},{"source":"","link":"http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html","refID":""},{"source":"","link":"http://www.ubuntu.com/usn/USN-2258-1","refID":""}],"cweIDs":["CWE-20"],"published":"2014-06-25T11:19:00Z","lastModified":"2018-10-30T16:27:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2014-4617","title":"CVE-2014-4617 gnupg: infinite loop when decompressing data packets","summary":"The do_uncompress function in g10/compress.c in GnuPG 1.x before 1.4.17 and 2.x before 2.0.24 allows context-dependent attackers to cause a denial of service (infinite loop) via malformed compressed packets, as demonstrated by an a3 01 5b ff byte sequence.","cvss2Score":5,"cvss2Vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","cvss2Severity":"Moderate","cvss3Score":0,"cvss3Vector":"","cvss3Severity":"","sourceLink":"https://access.redhat.com/security/cve/CVE-2014-4617","cweIDs":["CWE-835"],"published":"2014-06-20T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":""}},"alertDict":{"ja":null,"en":null}},"CVE-2014-5270":{"cveID":"CVE-2014-5270","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"libgcrypt","notFixedYet":true,"fixState":"Fix deferred"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2014-5270","title":"GnuPG などの製品で使用される Libgcrypt における鍵抽出攻撃を実行される脆弱性","summary":"GnuPG およびその他の製品で使用される Libgcrypt は、暗号文の正規化およびランダム化を適切に実行しないため、鍵抽出攻撃 (key-extraction attack) を実行される脆弱性が存在します。\n\n本脆弱性は、CVE-2013-4576 とは異なる脆弱性です。","cvss2Score":2.1,"cvss2Vector":"AV:L/AC:L/Au:N/C:P/I:N/A:N","cvss2Severity":"Low","cvss3Score":0,"cvss3Vector":"","cvss3Severity":"","sourceLink":"https://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-004645.html","references":[{"source":"CVE","link":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5270","refID":""},{"source":"NVD","link":"http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-5270","refID":""},{"source":"","link":"https://jvndb.jvn.jp/ja/cwe/CWE-200.html","refID":""}],"published":"2014-10-14T15:12:00+09:00","lastModified":"2014-10-14T15:12:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2014-5270","title":"","summary":"Libgcrypt before 1.5.4, as used in GnuPG and other products, does not properly perform ciphertext normalization and ciphertext randomization, which makes it easier for physically proximate attackers to conduct key-extraction attacks by leveraging the ability to collect voltage data from exposed metal, a different vector than CVE-2013-4576.","cvss2Score":2.1,"cvss2Vector":"AV:L/AC:L/Au:N/C:P/I:N/A:N","cvss2Severity":"LOW","cvss3Score":0,"cvss3Vector":"","cvss3Severity":"","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2014-5270","references":[{"source":"","link":"http://lists.gnupg.org/pipermail/gnupg-announce/2014q3/000352.html","refID":""},{"source":"","link":"http://openwall.com/lists/oss-security/2014/08/16/2","refID":""},{"source":"","link":"http://www.cs.tau.ac.il/~tromer/handsoff/","refID":""},{"source":"","link":"http://www.debian.org/security/2014/dsa-3024","refID":""},{"source":"","link":"http://www.debian.org/security/2014/dsa-3073","refID":""}],"cweIDs":["CWE-200"],"published":"2014-10-10T01:55:00Z","lastModified":"2017-11-04T01:29:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2014-5270","title":"CVE-2014-5270 libgcrypt: ELGAMAL side-channel attack","summary":"Libgcrypt before 1.5.4, as used in GnuPG and other products, does not properly perform ciphertext normalization and ciphertext randomization, which makes it easier for physically proximate attackers to conduct key-extraction attacks by leveraging the ability to collect voltage data from exposed metal, a different vector than CVE-2013-4576.","cvss2Score":1.9,"cvss2Vector":"AV:L/AC:M/Au:N/C:P/I:N/A:N","cvss2Severity":"Moderate","cvss3Score":0,"cvss3Vector":"","cvss3Severity":"","sourceLink":"https://access.redhat.com/security/cve/CVE-2014-5270","published":"2014-08-08T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":""}},"alertDict":{"ja":null,"en":null}},"CVE-2014-6277":{"cveID":"CVE-2014-6277","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"bash","notFixedYet":true,"fixState":"Affected"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2014-6277","title":"QNAP QTS に OS コマンドインジェクションの脆弱性","summary":"QNAP Systems, Inc. が提供する QTS は、Turbo NAS 用の OS です。QTS には、GNU Bash の脆弱性 (JVNVU#97219505) に起因する OS コマンドインジェクションの脆弱性 (CWE-78) が存在します。\n\nこの脆弱性情報は、情報セキュリティ早期警戒パートナーシップに基づき下記の方が IPA に報告し、JPCERT/CC が開発者との調整を行いました。\n報告者: 電気通信大学 脇坂 優樹 氏","cvss2Score":10,"cvss2Vector":"AV:N/AC:L/Au:N/C:C/I:C/A:C","cvss2Severity":"High","cvss3Score":0,"cvss3Vector":"","cvss3Severity":"","sourceLink":"https://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-000126.html","published":"2014-10-28T12:04:00+09:00","lastModified":"2015-12-24T18:23:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2014-6277","title":"","summary":"GNU Bash through 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code or cause a denial of service (uninitialized memory access, and untrusted-pointer read and write operations) via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271 and CVE-2014-7169.","cvss2Score":10,"cvss2Vector":"AV:N/AC:L/Au:N/C:C/I:C/A:C","cvss2Severity":"HIGH","cvss3Score":0,"cvss3Vector":"","cvss3Severity":"","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2014-6277","references":[{"source":"","link":"http://jvn.jp/en/jp/JVN55667175/index.html","refID":""},{"source":"","link":"http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126","refID":""},{"source":"","link":"http://lcamtuf.blogspot.com/2014/09/bash-bug-apply-unofficial-patch-now.html","refID":""},{"source":"","link":"http://lcamtuf.blogspot.com/2014/10/bash-bug-how-we-finally-cracked.html","refID":""},{"source":"","link":"http://linux.oracle.com/errata/ELSA-2014-3093","refID":""},{"source":"","link":"http://linux.oracle.com/errata/ELSA-2014-3094","refID":""},{"source":"","link":"http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html","refID":""},{"source":"","link":"http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html","refID":""},{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html","refID":""},{"source":"","link":"http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html","refID":""},{"source":"","link":"http://marc.info/?l=bugtraq\u0026m=141330468527613\u0026w=2","refID":""},{"source":"","link":"http://marc.info/?l=bugtraq\u0026m=141345648114150\u0026w=2","refID":""},{"source":"","link":"http://marc.info/?l=bugtraq\u0026m=141383026420882\u0026w=2","refID":""},{"source":"","link":"http://marc.info/?l=bugtraq\u0026m=141383081521087\u0026w=2","refID":""},{"source":"","link":"http://marc.info/?l=bugtraq\u0026m=141383196021590\u0026w=2","refID":""},{"source":"","link":"http://marc.info/?l=bugtraq\u0026m=141383244821813\u0026w=2","refID":""},{"source":"","link":"http://marc.info/?l=bugtraq\u0026m=141383304022067\u0026w=2","refID":""},{"source":"","link":"http://marc.info/?l=bugtraq\u0026m=141383353622268\u0026w=2","refID":""},{"source":"","link":"http://marc.info/?l=bugtraq\u0026m=141383465822787\u0026w=2","refID":""},{"source":"","link":"http://marc.info/?l=bugtraq\u0026m=141450491804793\u0026w=2","refID":""},{"source":"","link":"http://marc.info/?l=bugtraq\u0026m=141576728022234\u0026w=2","refID":""},{"source":"","link":"http://marc.info/?l=bugtraq\u0026m=141577137423233\u0026w=2","refID":""},{"source":"","link":"http://marc.info/?l=bugtraq\u0026m=141577241923505\u0026w=2","refID":""},{"source":"","link":"http://marc.info/?l=bugtraq\u0026m=141577297623641\u0026w=2","refID":""},{"source":"","link":"http://marc.info/?l=bugtraq\u0026m=141585637922673\u0026w=2","refID":""},{"source":"","link":"http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2","refID":""},{"source":"","link":"http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2","refID":""},{"source":"","link":"http://marc.info/?l=bugtraq\u0026m=142289270617409\u0026w=2","refID":""},{"source":"","link":"http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2","refID":""},{"source":"","link":"http://marc.info/?l=bugtraq\u0026m=142358078406056\u0026w=2","refID":""},{"source":"","link":"http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2","refID":""},{"source":"","link":"http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html","refID":""},{"source":"","link":"http://secunia.com/advisories/58200","refID":""},{"source":"","link":"http://secunia.com/advisories/59907","refID":""},{"source":"","link":"http://secunia.com/advisories/59961","refID":""},{"source":"","link":"http://secunia.com/advisories/60024","refID":""},{"source":"","link":"http://secunia.com/advisories/60034","refID":""},{"source":"","link":"http://secunia.com/advisories/60044","refID":""},{"source":"","link":"http://secunia.com/advisories/60055","refID":""},{"source":"","link":"http://secunia.com/advisories/60063","refID":""},{"source":"","link":"http://secunia.com/advisories/60193","refID":""},{"source":"","link":"http://secunia.com/advisories/60325","refID":""},{"source":"","link":"http://secunia.com/advisories/60433","refID":""},{"source":"","link":"http://secunia.com/advisories/61065","refID":""},{"source":"","link":"http://secunia.com/advisories/61128","refID":""},{"source":"","link":"http://secunia.com/advisories/61129","refID":""},{"source":"","link":"http://secunia.com/advisories/61283","refID":""},{"source":"","link":"http://secunia.com/advisories/61287","refID":""},{"source":"","link":"http://secunia.com/advisories/61291","refID":""},{"source":"","link":"http://secunia.com/advisories/61312","refID":""},{"source":"","link":"http://secunia.com/advisories/61313","refID":""},{"source":"","link":"http://secunia.com/advisories/61328","refID":""},{"source":"","link":"http://secunia.com/advisories/61442","refID":""},{"source":"","link":"http://secunia.com/advisories/61471","refID":""},{"source":"","link":"http://secunia.com/advisories/61485","refID":""},{"source":"","link":"http://secunia.com/advisories/61503","refID":""},{"source":"","link":"http://secunia.com/advisories/61550","refID":""},{"source":"","link":"http://secunia.com/advisories/61552","refID":""},{"source":"","link":"http://secunia.com/advisories/61565","refID":""},{"source":"","link":"http://secunia.com/advisories/61603","refID":""},{"source":"","link":"http://secunia.com/advisories/61633","refID":""},{"source":"","link":"http://secunia.com/advisories/61641","refID":""},{"source":"","link":"http://secunia.com/advisories/61643","refID":""},{"source":"","link":"http://secunia.com/advisories/61654","refID":""},{"source":"","link":"http://secunia.com/advisories/61703","refID":""},{"source":"","link":"http://secunia.com/advisories/61780","refID":""},{"source":"","link":"http://secunia.com/advisories/61816","refID":""},{"source":"","link":"http://secunia.com/advisories/61857","refID":""},{"source":"","link":"http://secunia.com/advisories/62312","refID":""},{"source":"","link":"http://secunia.com/advisories/62343","refID":""},{"source":"","link":"http://support.apple.com/HT204244","refID":""},{"source":"","link":"http://support.novell.com/security/cve/CVE-2014-6277.html","refID":""},{"source":"","link":"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash","refID":""},{"source":"","link":"http://www.mandriva.com/security/advisories?name=MDVSA-2015:164","refID":""},{"source":"","link":"http://www.novell.com/support/kb/doc.php?id=7015721","refID":""},{"source":"","link":"http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html","refID":""},{"source":"","link":"http://www.qnap.com/i/en/support/con_show.php?cid=61","refID":""},{"source":"","link":"http://www.ubuntu.com/usn/USN-2380-1","refID":""},{"source":"","link":"http://www.vmware.com/security/advisories/VMSA-2014-0010.html","refID":""},{"source":"","link":"http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272","refID":""},{"source":"","link":"http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279","refID":""},{"source":"","link":"http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361","refID":""},{"source":"","link":"http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879","refID":""},{"source":"","link":"http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897","refID":""},{"source":"","link":"http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898","refID":""},{"source":"","link":"http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915","refID":""},{"source":"","link":"http://www-01.ibm.com/support/docview.wss?uid=swg21685541","refID":""},{"source":"","link":"http://www-01.ibm.com/support/docview.wss?uid=swg21685604","refID":""},{"source":"","link":"http://www-01.ibm.com/support/docview.wss?uid=swg21685733","refID":""},{"source":"","link":"http://www-01.ibm.com/support/docview.wss?uid=swg21685749","refID":""},{"source":"","link":"http://www-01.ibm.com/support/docview.wss?uid=swg21685914","refID":""},{"source":"","link":"http://www-01.ibm.com/support/docview.wss?uid=swg21686131","refID":""},{"source":"","link":"http://www-01.ibm.com/support/docview.wss?uid=swg21686246","refID":""},{"source":"","link":"http://www-01.ibm.com/support/docview.wss?uid=swg21686445","refID":""},{"source":"","link":"http://www-01.ibm.com/support/docview.wss?uid=swg21686479","refID":""},{"source":"","link":"http://www-01.ibm.com/support/docview.wss?uid=swg21686494","refID":""},{"source":"","link":"http://www-01.ibm.com/support/docview.wss?uid=swg21687079","refID":""},{"source":"","link":"http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315","refID":""},{"source":"","link":"https://kb.bluecoat.com/index?page=content\u0026id=SA82","refID":""},{"source":"","link":"https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648","refID":""},{"source":"","link":"https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085","refID":""},{"source":"","link":"https://support.apple.com/HT205267","refID":""},{"source":"","link":"https://support.citrix.com/article/CTX200217","refID":""},{"source":"","link":"https://support.citrix.com/article/CTX200223","refID":""},{"source":"","link":"https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html","refID":""},{"source":"","link":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075","refID":""},{"source":"","link":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183","refID":""},{"source":"","link":"https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts","refID":""},{"source":"","link":"https://www.suse.com/support/shellshock/","refID":""}],"cweIDs":["CWE-78"],"published":"2014-09-27T22:55:00Z","lastModified":"2018-08-09T01:29:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2014-6277","title":"CVE-2014-6277 bash: uninitialized here document closing delimiter pointer use","summary":"GNU Bash through 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code or cause a denial of service (uninitialized memory access, and untrusted-pointer read and write operations) via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271 and CVE-2014-7169.","cvss2Score":7.5,"cvss2Vector":"AV:N/AC:L/Au:N/C:P/I:P/A:P","cvss2Severity":"","cvss3Score":0,"cvss3Vector":"","cvss3Severity":"","sourceLink":"https://access.redhat.com/security/cve/CVE-2014-6277","cweIDs":["CWE-78"],"published":"2014-09-27T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":""}},"alertDict":{"ja":null,"en":null}},"CVE-2014-6278":{"cveID":"CVE-2014-6278","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"bash","notFixedYet":true,"fixState":"Affected"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2014-6278","title":"QNAP QTS に OS コマンドインジェクションの脆弱性","summary":"QNAP Systems, Inc. が提供する QTS は、Turbo NAS 用の OS です。QTS には、GNU Bash の脆弱性 (JVNVU#97219505) に起因する OS コマンドインジェクションの脆弱性 (CWE-78) が存在します。\n\nこの脆弱性情報は、情報セキュリティ早期警戒パートナーシップに基づき下記の方が IPA に報告し、JPCERT/CC が開発者との調整を行いました。\n報告者: 電気通信大学 脇坂 優樹 氏","cvss2Score":10,"cvss2Vector":"AV:N/AC:L/Au:N/C:C/I:C/A:C","cvss2Severity":"High","cvss3Score":0,"cvss3Vector":"","cvss3Severity":"","sourceLink":"https://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-000126.html","published":"2014-10-28T12:04:00+09:00","lastModified":"2015-12-24T18:23:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2014-6278","title":"","summary":"GNU Bash through 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, which allows remote attackers to execute arbitrary commands via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271, CVE-2014-7169, and CVE-2014-6277.","cvss2Score":10,"cvss2Vector":"AV:N/AC:L/Au:N/C:C/I:C/A:C","cvss2Severity":"HIGH","cvss3Score":0,"cvss3Vector":"","cvss3Severity":"","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2014-6278","references":[{"source":"","link":"http://jvn.jp/en/jp/JVN55667175/index.html","refID":""},{"source":"","link":"http://jvndb.jvn.jp/jvndb/JVNDB-2014-000126","refID":""},{"source":"","link":"http://lcamtuf.blogspot.com/2014/09/bash-bug-apply-unofficial-patch-now.html","refID":""},{"source":"","link":"http://lcamtuf.blogspot.com/2014/10/bash-bug-how-we-finally-cracked.html","refID":""},{"source":"","link":"http://linux.oracle.com/errata/ELSA-2014-3093","refID":""},{"source":"","link":"http://linux.oracle.com/errata/ELSA-2014-3094","refID":""},{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html","refID":""},{"source":"","link":"http://lists.opensuse.org/opensuse-updates/2014-10/msg00025.html","refID":""},{"source":"","link":"http://marc.info/?l=bugtraq\u0026m=141330468527613\u0026w=2","refID":""},{"source":"","link":"http://marc.info/?l=bugtraq\u0026m=141345648114150\u0026w=2","refID":""},{"source":"","link":"http://marc.info/?l=bugtraq\u0026m=141383026420882\u0026w=2","refID":""},{"source":"","link":"http://marc.info/?l=bugtraq\u0026m=141383081521087\u0026w=2","refID":""},{"source":"","link":"http://marc.info/?l=bugtraq\u0026m=141383196021590\u0026w=2","refID":""},{"source":"","link":"http://marc.info/?l=bugtraq\u0026m=141383244821813\u0026w=2","refID":""},{"source":"","link":"http://marc.info/?l=bugtraq\u0026m=141383304022067\u0026w=2","refID":""},{"source":"","link":"http://marc.info/?l=bugtraq\u0026m=141383353622268\u0026w=2","refID":""},{"source":"","link":"http://marc.info/?l=bugtraq\u0026m=141383465822787\u0026w=2","refID":""},{"source":"","link":"http://marc.info/?l=bugtraq\u0026m=141450491804793\u0026w=2","refID":""},{"source":"","link":"http://marc.info/?l=bugtraq\u0026m=141576728022234\u0026w=2","refID":""},{"source":"","link":"http://marc.info/?l=bugtraq\u0026m=141577137423233\u0026w=2","refID":""},{"source":"","link":"http://marc.info/?l=bugtraq\u0026m=141577241923505\u0026w=2","refID":""},{"source":"","link":"http://marc.info/?l=bugtraq\u0026m=141577297623641\u0026w=2","refID":""},{"source":"","link":"http://marc.info/?l=bugtraq\u0026m=141585637922673\u0026w=2","refID":""},{"source":"","link":"http://marc.info/?l=bugtraq\u0026m=141879528318582\u0026w=2","refID":""},{"source":"","link":"http://marc.info/?l=bugtraq\u0026m=142118135300698\u0026w=2","refID":""},{"source":"","link":"http://marc.info/?l=bugtraq\u0026m=142358026505815\u0026w=2","refID":""},{"source":"","link":"http://marc.info/?l=bugtraq\u0026m=142358078406056\u0026w=2","refID":""},{"source":"","link":"http://marc.info/?l=bugtraq\u0026m=142721162228379\u0026w=2","refID":""},{"source":"","link":"http://packetstormsecurity.com/files/128567/CA-Technologies-GNU-Bash-Shellshock.html","refID":""},{"source":"","link":"http://packetstormsecurity.com/files/137344/Sun-Secure-Global-Desktop-Oracle-Global-Desktop-Shellshock.html","refID":""},{"source":"","link":"http://secunia.com/advisories/58200","refID":""},{"source":"","link":"http://secunia.com/advisories/59907","refID":""},{"source":"","link":"http://secunia.com/advisories/59961","refID":""},{"source":"","link":"http://secunia.com/advisories/60024","refID":""},{"source":"","link":"http://secunia.com/advisories/60034","refID":""},{"source":"","link":"http://secunia.com/advisories/60044","refID":""},{"source":"","link":"http://secunia.com/advisories/60055","refID":""},{"source":"","link":"http://secunia.com/advisories/60063","refID":""},{"source":"","link":"http://secunia.com/advisories/60193","refID":""},{"source":"","link":"http://secunia.com/advisories/60325","refID":""},{"source":"","link":"http://secunia.com/advisories/60433","refID":""},{"source":"","link":"http://secunia.com/advisories/61065","refID":""},{"source":"","link":"http://secunia.com/advisories/61128","refID":""},{"source":"","link":"http://secunia.com/advisories/61129","refID":""},{"source":"","link":"http://secunia.com/advisories/61283","refID":""},{"source":"","link":"http://secunia.com/advisories/61287","refID":""},{"source":"","link":"http://secunia.com/advisories/61291","refID":""},{"source":"","link":"http://secunia.com/advisories/61312","refID":""},{"source":"","link":"http://secunia.com/advisories/61313","refID":""},{"source":"","link":"http://secunia.com/advisories/61328","refID":""},{"source":"","link":"http://secunia.com/advisories/61442","refID":""},{"source":"","link":"http://secunia.com/advisories/61471","refID":""},{"source":"","link":"http://secunia.com/advisories/61485","refID":""},{"source":"","link":"http://secunia.com/advisories/61503","refID":""},{"source":"","link":"http://secunia.com/advisories/61550","refID":""},{"source":"","link":"http://secunia.com/advisories/61552","refID":""},{"source":"","link":"http://secunia.com/advisories/61565","refID":""},{"source":"","link":"http://secunia.com/advisories/61603","refID":""},{"source":"","link":"http://secunia.com/advisories/61633","refID":""},{"source":"","link":"http://secunia.com/advisories/61641","refID":""},{"source":"","link":"http://secunia.com/advisories/61643","refID":""},{"source":"","link":"http://secunia.com/advisories/61654","refID":""},{"source":"","link":"http://secunia.com/advisories/61703","refID":""},{"source":"","link":"http://secunia.com/advisories/61780","refID":""},{"source":"","link":"http://secunia.com/advisories/61816","refID":""},{"source":"","link":"http://secunia.com/advisories/61857","refID":""},{"source":"","link":"http://secunia.com/advisories/62312","refID":""},{"source":"","link":"http://secunia.com/advisories/62343","refID":""},{"source":"","link":"http://support.novell.com/security/cve/CVE-2014-6278.html","refID":""},{"source":"","link":"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash","refID":""},{"source":"","link":"http://www.mandriva.com/security/advisories?name=MDVSA-2015:164","refID":""},{"source":"","link":"http://www.novell.com/support/kb/doc.php?id=7015721","refID":""},{"source":"","link":"http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html","refID":""},{"source":"","link":"http://www.qnap.com/i/en/support/con_show.php?cid=61","refID":""},{"source":"","link":"http://www.ubuntu.com/usn/USN-2380-1","refID":""},{"source":"","link":"http://www.vmware.com/security/advisories/VMSA-2014-0010.html","refID":""},{"source":"","link":"http://www-01.ibm.com/support/docview.wss?uid=isg3T1021272","refID":""},{"source":"","link":"http://www-01.ibm.com/support/docview.wss?uid=isg3T1021279","refID":""},{"source":"","link":"http://www-01.ibm.com/support/docview.wss?uid=isg3T1021361","refID":""},{"source":"","link":"http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004879","refID":""},{"source":"","link":"http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004897","refID":""},{"source":"","link":"http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004898","refID":""},{"source":"","link":"http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004915","refID":""},{"source":"","link":"http://www-01.ibm.com/support/docview.wss?uid=swg21685541","refID":""},{"source":"","link":"http://www-01.ibm.com/support/docview.wss?uid=swg21685604","refID":""},{"source":"","link":"http://www-01.ibm.com/support/docview.wss?uid=swg21685733","refID":""},{"source":"","link":"http://www-01.ibm.com/support/docview.wss?uid=swg21685749","refID":""},{"source":"","link":"http://www-01.ibm.com/support/docview.wss?uid=swg21685914","refID":""},{"source":"","link":"http://www-01.ibm.com/support/docview.wss?uid=swg21686131","refID":""},{"source":"","link":"http://www-01.ibm.com/support/docview.wss?uid=swg21686246","refID":""},{"source":"","link":"http://www-01.ibm.com/support/docview.wss?uid=swg21686445","refID":""},{"source":"","link":"http://www-01.ibm.com/support/docview.wss?uid=swg21686479","refID":""},{"source":"","link":"http://www-01.ibm.com/support/docview.wss?uid=swg21686494","refID":""},{"source":"","link":"http://www-01.ibm.com/support/docview.wss?uid=swg21687079","refID":""},{"source":"","link":"http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315","refID":""},{"source":"","link":"https://bugzilla.redhat.com/show_bug.cgi?id=1147414","refID":""},{"source":"","link":"https://kb.bluecoat.com/index?page=content\u0026id=SA82","refID":""},{"source":"","link":"https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10648","refID":""},{"source":"","link":"https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10085","refID":""},{"source":"","link":"https://security-tracker.debian.org/tracker/CVE-2014-6278","refID":""},{"source":"","link":"https://support.citrix.com/article/CTX200217","refID":""},{"source":"","link":"https://support.citrix.com/article/CTX200223","refID":""},{"source":"","link":"https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html","refID":""},{"source":"","link":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04497075","refID":""},{"source":"","link":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c04518183","refID":""},{"source":"","link":"https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk102673\u0026src=securityAlerts","refID":""},{"source":"","link":"https://www.exploit-db.com/exploits/39568/","refID":""},{"source":"","link":"https://www.exploit-db.com/exploits/39887/","refID":""},{"source":"","link":"https://www.suse.com/support/shellshock/","refID":""}],"cweIDs":["CWE-78"],"published":"2014-09-30T10:55:00Z","lastModified":"2018-08-09T01:29:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2014-6278","title":"CVE-2014-6278 bash: incorrect parsing of function definitions with nested command substitutions","summary":"GNU Bash through 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, which allows remote attackers to execute arbitrary commands via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271, CVE-2014-7169, and CVE-2014-6277.","cvss2Score":7.5,"cvss2Vector":"AV:N/AC:L/Au:N/C:P/I:P/A:P","cvss2Severity":"","cvss3Score":0,"cvss3Vector":"","cvss3Severity":"","sourceLink":"https://access.redhat.com/security/cve/CVE-2014-6278","cweIDs":["CWE-119"],"published":"2014-09-29T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":""}},"exploits":[{"exploitType":"OffensiveSecurity","id":"39887","url":"https://www.exploit-db.com/exploits/39887","description":"Sun Secure Global Desktop and Oracle Global Desktop 4.61.915 - Command Injection (Shellshock)","documentURL":"https://github.com/offensive-security/exploitdb/exploits/cgi/webapps/39887.txt"},{"exploitType":"OffensiveSecurity","id":"39568","url":"https://www.exploit-db.com/exploits/39568","description":"Cisco UCS Manager 2.1(1b) - Remote Command Injection (Shellshock)","documentURL":"https://github.com/offensive-security/exploitdb/exploits/hardware/remote/39568.py"}],"alertDict":{"ja":null,"en":null}},"CVE-2015-0247":{"cveID":"CVE-2015-0247","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"e2fsprogs","notFixedYet":true,"fixState":"Fix deferred"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2015-0247","title":"E2fsprogs の libext2fs ライブラリの openfs.c におけるヒープベースのバッファオーバーフローの脆弱性","summary":"E2fsprogs の libext2fs ライブラリの openfs.c には、ヒープベースのバッファオーバーフローの脆弱性が存在します。","cvss2Score":4.6,"cvss2Vector":"AV:L/AC:L/Au:N/C:P/I:P/A:P","cvss2Severity":"Medium","cvss3Score":0,"cvss3Vector":"","cvss3Severity":"","sourceLink":"https://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-001550.html","references":[{"source":"CVE","link":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0247","refID":""},{"source":"NVD","link":"http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0247","refID":""},{"source":"関連文書","link":"http://advisories.mageia.org/MGASA-2015-0061.html","refID":""},{"source":"","link":"https://jvndb.jvn.jp/ja/cwe/CWE-119.html","refID":""}],"published":"2015-02-23T15:14:00+09:00","lastModified":"2015-04-09T17:10:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2015-0247","title":"","summary":"Heap-based buffer overflow in openfs.c in the libext2fs library in e2fsprogs before 1.42.12 allows local users to execute arbitrary code via crafted block group descriptor data in a filesystem image.","cvss2Score":4.6,"cvss2Vector":"AV:L/AC:L/Au:N/C:P/I:P/A:P","cvss2Severity":"MEDIUM","cvss3Score":0,"cvss3Vector":"","cvss3Severity":"","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2015-0247","references":[{"source":"","link":"http://advisories.mageia.org/MGASA-2015-0061.html","refID":""},{"source":"","link":"http://git.kernel.org/cgit/fs/ext2/e2fsprogs.git/commit/?id=f66e6ce4","refID":""},{"source":"","link":"http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149434.html","refID":""},{"source":"","link":"http://lists.fedoraproject.org/pipermail/package-announce/2015-March/150606.html","refID":""},{"source":"","link":"http://lists.fedoraproject.org/pipermail/package-announce/2015-March/150805.html","refID":""},{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00019.html","refID":""},{"source":"","link":"http://lists.opensuse.org/opensuse-updates/2015-06/msg00010.html","refID":""},{"source":"","link":"http://packetstormsecurity.com/files/130283/e2fsprogs-Input-Sanitization.html","refID":""},{"source":"","link":"http://www.debian.org/security/2015/dsa-3166","refID":""},{"source":"","link":"http://www.mandriva.com/security/advisories?name=MDVSA-2015:045","refID":""},{"source":"","link":"http://www.mandriva.com/security/advisories?name=MDVSA-2015:067","refID":""},{"source":"","link":"http://www.ocert.org/advisories/ocert-2015-002.html","refID":""},{"source":"","link":"http://www.securityfocus.com/archive/1/534633/100/0/threaded","refID":""},{"source":"","link":"http://www.securityfocus.com/bid/72520","refID":""},{"source":"","link":"http://www.ubuntu.com/usn/USN-2507-1","refID":""},{"source":"","link":"https://bugzilla.redhat.com/show_bug.cgi?id=1187032","refID":""},{"source":"","link":"https://exchange.xforce.ibmcloud.com/vulnerabilities/100740","refID":""},{"source":"","link":"https://security.gentoo.org/glsa/201701-06","refID":""}],"cweIDs":["CWE-119"],"published":"2015-02-17T15:59:00Z","lastModified":"2018-10-09T19:55:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2015-0247","title":"CVE-2015-0247 e2fsprogs: ext2fs_open2() missing first_meta_bg boundary check leading to heap buffer overflow (oCERT-015-002)","summary":"Heap-based buffer overflow in openfs.c in the libext2fs library in e2fsprogs before 1.42.12 allows local users to execute arbitrary code via crafted block group descriptor data in a filesystem image.\nA heap-based buffer overflow flaw was found in e2fsprogs. A specially crafted Ext2/3/4 file system could cause an application using the ext2fs library (for example, fsck) to crash or, possibly, execute arbitrary code.","cvss2Score":6.9,"cvss2Vector":"AV:L/AC:M/Au:N/C:C/I:C/A:C","cvss2Severity":"Moderate","cvss3Score":0,"cvss3Vector":"","cvss3Severity":"","sourceLink":"https://access.redhat.com/security/cve/CVE-2015-0247","references":[{"source":"","link":"http://www.ocert.org/advisories/ocert-2015-002.html","refID":""}],"cweIDs":["CWE-122"],"published":"2015-02-05T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":""}},"alertDict":{"ja":null,"en":[{"url":"http://www.ocert.org/advisories/ocert-2015-002.html","team":"us"}]}},"CVE-2015-0837":{"cveID":"CVE-2015-0837","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"gnupg2","notFixedYet":true,"fixState":"Fix deferred"},{"name":"libgcrypt","notFixedYet":true,"fixState":"Fix deferred"}],"cveContents":{"redhat_api":{"type":"redhat_api","cveID":"CVE-2015-0837","title":"CVE-2015-0837 libgcrypt: last-level cache side-channel attack","summary":"No description is available for this CVE.","cvss2Score":1.2,"cvss2Vector":"AV:L/AC:H/Au:N/C:P/I:N/A:N","cvss2Severity":"Low","cvss3Score":0,"cvss3Vector":"","cvss3Severity":"","sourceLink":"https://access.redhat.com/security/cve/CVE-2015-0837","published":"2015-02-27T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":""}},"alertDict":{"ja":null,"en":null}},"CVE-2015-1465":{"cveID":"CVE-2015-1465","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"kernel","notFixedYet":true,"fixState":"Affected"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2015-1465","title":"Linux Kernel の IPv4 の実装におけるサービス運用妨害 (DoS) の脆弱性","summary":"Linux Kernel の IPv4 の実装は、キャッシュしない場合のルックアップのリダイレクトに対して Read-Copy Update (RCU) の猶予期間の長さを適切に考慮しないため、サービス運用妨害 (メモリ消費またはシステムクラッシュ) 状態にされる脆弱性が存在します。\n\n補足情報 : CWE による脆弱性タイプは、CWE-17: Code (コード) と識別されています。\nhttp://cwe.mitre.org/data/definitions/17.html","cvss2Score":7.8,"cvss2Vector":"AV:N/AC:L/Au:N/C:N/I:N/A:C","cvss2Severity":"High","cvss3Score":0,"cvss3Vector":"","cvss3Severity":"","sourceLink":"https://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-002103.html","references":[{"source":"CVE","link":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1465","refID":""},{"source":"NVD","link":"http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1465","refID":""},{"source":"","link":"https://www.ipa.go.jp/security/vuln/CWE.html#CWEOther","refID":""}],"published":"2015-04-07T18:16:00+09:00","lastModified":"2015-04-07T18:16:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2015-1465","title":"","summary":"The IPv4 implementation in the Linux kernel before 3.18.8 does not properly consider the length of the Read-Copy Update (RCU) grace period for redirecting lookups in the absence of caching, which allows remote attackers to cause a denial of service (memory consumption or system crash) via a flood of packets.","cvss2Score":7.8,"cvss2Vector":"AV:N/AC:L/Au:N/C:N/I:N/A:C","cvss2Severity":"HIGH","cvss3Score":0,"cvss3Vector":"","cvss3Severity":"","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2015-1465","references":[{"source":"","link":"http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=df4d92549f23e1c037e83323aff58a21b3de7fe0","refID":""},{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html","refID":""},{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00008.html","refID":""},{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00009.html","refID":""},{"source":"","link":"http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.18.8","refID":""},{"source":"","link":"http://www.openwall.com/lists/oss-security/2015/02/03/13","refID":""},{"source":"","link":"http://www.securityfocus.com/bid/72435","refID":""},{"source":"","link":"http://www.securitytracker.com/id/1036763","refID":""},{"source":"","link":"http://www.ubuntu.com/usn/USN-2545-1","refID":""},{"source":"","link":"http://www.ubuntu.com/usn/USN-2546-1","refID":""},{"source":"","link":"http://www.ubuntu.com/usn/USN-2562-1","refID":""},{"source":"","link":"http://www.ubuntu.com/usn/USN-2563-1","refID":""},{"source":"","link":"https://bugzilla.redhat.com/show_bug.cgi?id=1183744","refID":""},{"source":"","link":"https://github.com/torvalds/linux/commit/df4d92549f23e1c037e83323aff58a21b3de7fe0","refID":""}],"cweIDs":["CWE-17"],"published":"2015-04-05T21:59:00Z","lastModified":"2017-08-13T01:29:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2015-1465","title":"CVE-2015-1465 kernel: net: DoS due to routing packets to too many different dsts/too fast","summary":"The IPv4 implementation in the Linux kernel before 3.18.8 does not properly consider the length of the Read-Copy Update (RCU) grace period for redirecting lookups in the absence of caching, which allows remote attackers to cause a denial of service (memory consumption or system crash) via a flood of packets.","cvss2Score":7.1,"cvss2Vector":"AV:N/AC:M/Au:N/C:N/I:N/A:C","cvss2Severity":"Important","cvss3Score":0,"cvss3Vector":"","cvss3Severity":"","sourceLink":"https://access.redhat.com/security/cve/CVE-2015-1465","cweIDs":["CWE-400"],"published":"2015-01-23T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":""}},"alertDict":{"ja":null,"en":null}},"CVE-2015-2059":{"cveID":"CVE-2015-2059","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"libidn","notFixedYet":true,"fixState":"Fix deferred"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2015-2059","title":"jabberd2 で使用される libidn の stringprep_utf8_to_ucs4 関数におけるシステムメモリを読まれる脆弱性","summary":"jabberd2 で使用される libidn の stringprep_utf8_to_ucs4 関数には、システムメモリを読まれるなど、不特定の影響を受ける脆弱性が存在します。","cvss2Score":7.5,"cvss2Vector":"AV:N/AC:L/Au:N/C:P/I:P/A:P","cvss2Severity":"High","cvss3Score":0,"cvss3Vector":"","cvss3Severity":"","sourceLink":"https://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-004062.html","references":[{"source":"CVE","link":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2059","refID":""},{"source":"NVD","link":"http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-2059","refID":""},{"source":"関連文書","link":"http://www.openwall.com/lists/oss-security/2015/02/23/25","refID":""},{"source":"","link":"https://jvndb.jvn.jp/ja/cwe/CWE-119.html","refID":""}],"published":"2015-08-13T17:05:00+09:00","lastModified":"2015-08-13T17:05:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2015-2059","title":"","summary":"The stringprep_utf8_to_ucs4 function in libin before 1.31, as used in jabberd2, allows context-dependent attackers to read system memory and possibly have other unspecified impact via invalid UTF-8 characters in a string, which triggers an out-of-bounds read.","cvss2Score":7.5,"cvss2Vector":"AV:N/AC:L/Au:N/C:P/I:P/A:P","cvss2Severity":"HIGH","cvss3Score":0,"cvss3Vector":"","cvss3Severity":"","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2015-2059","references":[{"source":"","link":"http://git.savannah.gnu.org/cgit/libidn.git/commit/?id=2e97c279","refID":""},{"source":"","link":"http://lists.fedoraproject.org/pipermail/package-announce/2015-July/162537.html","refID":""},{"source":"","link":"http://lists.fedoraproject.org/pipermail/package-announce/2015-July/162549.html","refID":""},{"source":"","link":"http://lists.opensuse.org/opensuse-updates/2015-07/msg00042.html","refID":""},{"source":"","link":"http://lists.opensuse.org/opensuse-updates/2016-08/msg00098.html","refID":""},{"source":"","link":"http://www.debian.org/security/2016/dsa-3578","refID":""},{"source":"","link":"http://www.openwall.com/lists/oss-security/2015/02/23/25","refID":""},{"source":"","link":"http://www.securityfocus.com/bid/72736","refID":""},{"source":"","link":"http://www.ubuntu.com/usn/USN-3068-1","refID":""},{"source":"","link":"https://github.com/jabberd2/jabberd2/issues/85","refID":""}],"cweIDs":["CWE-119"],"published":"2015-08-12T14:59:00Z","lastModified":"2018-10-30T16:27:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2015-2059","title":"CVE-2015-2059 libidn: out-of-bounds read with stringprep on invalid UTF-8","summary":"The stringprep_utf8_to_ucs4 function in libin before 1.31, as used in jabberd2, allows context-dependent attackers to read system memory and possibly have other unspecified impact via invalid UTF-8 characters in a string, which triggers an out-of-bounds read.","cvss2Score":2.6,"cvss2Vector":"AV:N/AC:H/Au:N/C:P/I:N/A:N","cvss2Severity":"Low","cvss3Score":0,"cvss3Vector":"","cvss3Severity":"","sourceLink":"https://access.redhat.com/security/cve/CVE-2015-2059","cweIDs":["CWE-125"],"published":"2015-02-23T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":""}},"alertDict":{"ja":null,"en":null}},"CVE-2015-3218":{"cveID":"CVE-2015-3218","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"polkit","notFixedYet":true,"fixState":"Fix deferred"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2015-3218","title":"Polkit の polkitbackend/polkitbackendinteractiveauthority.c におけるサービス運用妨害 (DoS) の脆弱性","summary":"Polkit (旧 PolicyKit) の polkitbackend/polkitbackendinteractiveauthority.c の authentication_agent_new 関数には、サービス運用妨害 (NULL ポインタデリファレンスおよび polkitd デーモンクラッシュ) 状態にされる脆弱性が存在します。\n\n補足情報 : CWE による脆弱性タイプは、CWE-476: NULL Pointer Dereference (NULL ポインタデリファレンス) と識別されています。\nhttp://cwe.mitre.org/data/definitions/476.html","cvss2Score":2.1,"cvss2Vector":"AV:L/AC:L/Au:N/C:N/I:N/A:P","cvss2Severity":"Low","cvss3Score":0,"cvss3Vector":"","cvss3Severity":"","sourceLink":"https://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-005623.html","references":[{"source":"CVE","link":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3218","refID":""},{"source":"NVD","link":"http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3218","refID":""},{"source":"","link":"https://www.ipa.go.jp/security/vuln/CWE.html#CWEOther","refID":""}],"published":"2015-10-29T15:54:00+09:00","lastModified":"2015-10-29T15:54:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2015-3218","title":"","summary":"The authentication_agent_new function in polkitbackend/polkitbackendinteractiveauthority.c in PolicyKit (aka polkit) before 0.113 allows local users to cause a denial of service (NULL pointer dereference and polkitd daemon crash) by calling RegisterAuthenticationAgent with an invalid object path.\n\u003ca href=\"http://cwe.mitre.org/data/definitions/476.html\"\u003eCWE-476: NULL Pointer Dereference\u003c/a\u003e","cvss2Score":2.1,"cvss2Vector":"AV:L/AC:L/Au:N/C:N/I:N/A:P","cvss2Severity":"LOW","cvss3Score":0,"cvss3Vector":"","cvss3Severity":"","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2015-3218","references":[{"source":"","link":"http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161721.html","refID":""},{"source":"","link":"http://lists.fedoraproject.org/pipermail/package-announce/2015-July/162294.html","refID":""},{"source":"","link":"http://lists.freedesktop.org/archives/polkit-devel/2015-July/000432.html","refID":""},{"source":"","link":"http://lists.freedesktop.org/archives/polkit-devel/2015-May/000420.html","refID":""},{"source":"","link":"http://lists.freedesktop.org/archives/polkit-devel/2015-May/000421.html","refID":""},{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00010.html","refID":""},{"source":"","link":"http://lists.opensuse.org/opensuse-updates/2015-11/msg00042.html","refID":""},{"source":"","link":"http://www.securityfocus.com/bid/76086","refID":""},{"source":"","link":"http://www.securitytracker.com/id/1035023","refID":""},{"source":"","link":"https://usn.ubuntu.com/3717-1/","refID":""}],"cweIDs":["NVD-CWE-Other"],"published":"2015-10-26T19:59:00Z","lastModified":"2018-07-18T01:29:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2015-3218","title":"CVE-2015-3218 polkit: crash authentication_agent_new with invalid object path in RegisterAuthenticationAgent","summary":"The authentication_agent_new function in polkitbackend/polkitbackendinteractiveauthority.c in PolicyKit (aka polkit) before 0.113 allows local users to cause a denial of service (NULL pointer dereference and polkitd daemon crash) by calling RegisterAuthenticationAgent with an invalid object path.\nA NULL-pointer dereference flaw was discovered in polkitd. A malicious, local user could exploit this flaw to crash polkitd.","cvss2Score":2.1,"cvss2Vector":"AV:L/AC:L/Au:N/C:N/I:N/A:P","cvss2Severity":"Low","cvss3Score":0,"cvss3Vector":"","cvss3Severity":"","sourceLink":"https://access.redhat.com/security/cve/CVE-2015-3218","published":"2015-05-29T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":""}},"alertDict":{"ja":null,"en":null}},"CVE-2015-9289":{"cveID":"CVE-2015-9289","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"kernel","notFixedYet":true,"fixState":"Affected"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2015-9289","title":"Linux Kernel におけるバッファエラーの脆弱性","summary":"Linux Kernel には、バッファエラーの脆弱性が存在します。","cvss2Score":7.5,"cvss2Vector":"AV:N/AC:L/Au:N/C:P/I:P/A:P","cvss2Severity":"High","cvss3Score":9.8,"cvss3Vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3Severity":"Critical","sourceLink":"https://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-008272.html","references":[{"source":"CVE","link":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9289","refID":""},{"source":"NVD","link":"https://nvd.nist.gov/vuln/detail/CVE-2015-9289","refID":""},{"source":"","link":"https://jvndb.jvn.jp/ja/cwe/CWE-119.html","refID":""}],"published":"2019-08-02T14:04:00+09:00","lastModified":"2019-08-02T14:04:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2015-9289","title":"","summary":"In the Linux kernel before 4.1.4, a buffer overflow occurs when checking userspace params in drivers/media/dvb-frontends/cx24116.c. The maximum size for a DiSEqC command is 6, according to the userspace API. However, the code allows larger values such as 23.","cvss2Score":7.5,"cvss2Vector":"AV:N/AC:L/Au:N/C:P/I:P/A:P","cvss2Severity":"HIGH","cvss3Score":9.8,"cvss3Vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3Severity":"CRITICAL","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2015-9289","references":[{"source":"","link":"https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1fa2337a315a2448c5434f41e00d56b01a22283c","refID":""},{"source":"","link":"https://github.com/torvalds/linux/commit/1fa2337a315a2448c5434f41e00d56b01a22283c","refID":""},{"source":"","link":"https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.1.4","refID":""}],"cweIDs":["CWE-119"],"published":"2019-07-27T22:15:00Z","lastModified":"2019-07-31T21:16:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2015-9289","title":"CVE-2015-9289 kernel: buffer overflow in drivers/media/dvb-frontends/cx24116.c","summary":"In the Linux kernel before 4.1.4, a buffer overflow occurs when checking userspace params in drivers/media/dvb-frontends/cx24116.c. The maximum size for a DiSEqC command is 6, according to the userspace API. However, the code allows larger values such as 23.\nA vulnerability was found in the Linux kernel’s CX24116 tv-card driver, where a buffer overflow occurs when checking userspace params in drivers/media/dvb-frontends/cx24116.c. An attacker could use this flaw to corrupt memory and escalate privileges.","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":7.8,"cvss3Vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3Severity":"Important","sourceLink":"https://access.redhat.com/security/cve/CVE-2015-9289","cweIDs":["CWE-120"],"published":"2019-07-27T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":""}},"alertDict":{"ja":null,"en":null}},"CVE-2017-1000253":{"cveID":"CVE-2017-1000253","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"kernel","notFixedYet":true,"fixState":"Affected"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2017-1000253","title":"Red Hat Enterprise Linux および Centos におけるバッファエラーの脆弱性","summary":"Red Hat Enterprise Linux および Centos には、バッファエラーの脆弱性が存在します。","cvss2Score":7.2,"cvss2Vector":"AV:L/AC:L/Au:N/C:C/I:C/A:C","cvss2Severity":"High","cvss3Score":7.8,"cvss3Vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3Severity":"High","sourceLink":"https://jvndb.jvn.jp/ja/contents/2017/JVNDB-2017-008958.html","references":[{"source":"CVE","link":"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000253","refID":""},{"source":"NVD","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-1000253","refID":""},{"source":"関連文書","link":"https://www.qualys.com/2017/09/26/cve-2017-1000253/cve-2017-1000253.txt","refID":""},{"source":"","link":"https://jvndb.jvn.jp/ja/cwe/CWE-119.html","refID":""}],"published":"2017-10-31T16:16:00+09:00","lastModified":"2017-10-31T16:16:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2017-1000253","title":"","summary":"Linux distributions that have not patched their long-term kernels with https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (committed on April 14, 2015). This kernel vulnerability was fixed in April 2015 by commit a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (backported to Linux 3.10.77 in May 2015), but it was not recognized as a security threat. With CONFIG_ARCH_BINFMT_ELF_RANDOMIZE_PIE enabled, and a normal top-down address allocation strategy, load_elf_binary() will attempt to map a PIE binary into an address range immediately below mm-\u003emmap_base. Unfortunately, load_elf_ binary() does not take account of the need to allocate sufficient space for the entire binary which means that, while the first PT_LOAD segment is mapped below mm-\u003emmap_base, the subsequent PT_LOAD segment(s) end up being mapped above mm-\u003emmap_base into the are that is supposed to be the \"gap\" between the stack and the binary.","cvss2Score":7.2,"cvss2Vector":"AV:L/AC:L/Au:N/C:C/I:C/A:C","cvss2Severity":"HIGH","cvss3Score":7.8,"cvss3Vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3Severity":"HIGH","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2017-1000253","references":[{"source":"","link":"http://www.securityfocus.com/bid/101010","refID":""},{"source":"","link":"http://www.securitytracker.com/id/1039434","refID":""},{"source":"","link":"https://access.redhat.com/errata/RHSA-2017:2793","refID":""},{"source":"","link":"https://access.redhat.com/errata/RHSA-2017:2794","refID":""},{"source":"","link":"https://access.redhat.com/errata/RHSA-2017:2795","refID":""},{"source":"","link":"https://access.redhat.com/errata/RHSA-2017:2796","refID":""},{"source":"","link":"https://access.redhat.com/errata/RHSA-2017:2797","refID":""},{"source":"","link":"https://access.redhat.com/errata/RHSA-2017:2798","refID":""},{"source":"","link":"https://access.redhat.com/errata/RHSA-2017:2799","refID":""},{"source":"","link":"https://access.redhat.com/errata/RHSA-2017:2800","refID":""},{"source":"","link":"https://access.redhat.com/errata/RHSA-2017:2801","refID":""},{"source":"","link":"https://access.redhat.com/errata/RHSA-2017:2802","refID":""},{"source":"","link":"https://www.qualys.com/2017/09/26/cve-2017-1000253/cve-2017-1000253.txt","refID":""}],"cweIDs":["CWE-119"],"published":"2017-10-05T01:29:00Z","lastModified":"2017-12-09T02:29:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2017-1000253","title":"CVE-2017-1000253 kernel: load_elf_ binary() does not take account of the need to allocate sufficient space for the entire binary","summary":"Linux distributions that have not patched their long-term kernels with https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (committed on April 14, 2015). This kernel vulnerability was fixed in April 2015 by commit a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (backported to Linux 3.10.77 in May 2015), but it was not recognized as a security threat. With CONFIG_ARCH_BINFMT_ELF_RANDOMIZE_PIE enabled, and a normal top-down address allocation strategy, load_elf_binary() will attempt to map a PIE binary into an address range immediately below mm-\u003emmap_base. Unfortunately, load_elf_ binary() does not take account of the need to allocate sufficient space for the entire binary which means that, while the first PT_LOAD segment is mapped below mm-\u003emmap_base, the subsequent PT_LOAD segment(s) end up being mapped above mm-\u003emmap_base into the are that is supposed to be the \"gap\" between the stack and the binary.\nA flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as Position Independent Executable (PIE), the loader could allow part of that application's data segment to map over the memory area reserved for its stack, potentially resulting in memory corruption. An unprivileged local user with access to SUID (or otherwise privileged) PIE binary could use this flaw to escalate their privileges on the system.","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":7.8,"cvss3Vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3Severity":"Important","sourceLink":"https://access.redhat.com/security/cve/CVE-2017-1000253","references":[{"source":"","link":"https://www.qualys.com/2017/09/26/cve-2017-1000253/cve-2017-1000253.txt","refID":""}],"cweIDs":["CWE-119"],"published":"2017-09-26T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":"\nBy setting vm.legacy_va_layout to 1 we can effectively disable the exploitation of this issue by switching to the legacy mmap layout. The mmap allocations start much lower in the process address space and follow the bottom-up allocation model. As such, the initial PIE executable mapping is far from the reserved stack area and cannot interfere with the stack.\n\n64-bit processes on Red Hat Enterprise Linux 5 are forced to use the legacy virtual address space layout regardless of the vm.legacy_va_layout value.\n\nNote: Applications that have demands for a large linear address space (such as certain databases) may be unable to handle the legacy memory layout proposed using this mitigation. We recommend to test your systems and applications before deploying this mitigation on production systems.\n\nEdit the /etc/sysctl.conf file as root, and add or amend:\n\n vm.legacy_va_layout = 1\n \t\t\t\t\t\t\t\t\n\nTo apply this setting, run the /sbin/sysctl -p command as the root user to reload the settings from /etc/sysctl.conf.\n\nVerify that vm.legacy_va_layout is now set to defined value:\n\n $ /sbin/sysctl vm.legacy_va_layout\n vm.legacy_va_layout = 1\n "}},"alertDict":{"ja":null,"en":null}},"CVE-2017-12652":{"cveID":"CVE-2017-12652","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"libpng","notFixedYet":true,"fixState":"Affected"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2017-12652","title":"libpng における入力確認に関する脆弱性","summary":"libpng には、入力確認に関する脆弱性が存在します。","cvss2Score":7.5,"cvss2Vector":"AV:N/AC:L/Au:N/C:P/I:P/A:P","cvss2Severity":"High","cvss3Score":9.8,"cvss3Vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3Severity":"Critical","sourceLink":"https://jvndb.jvn.jp/ja/contents/2017/JVNDB-2017-014576.html","references":[{"source":"CVE","link":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12652","refID":""},{"source":"NVD","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-12652","refID":""},{"source":"","link":"https://jvndb.jvn.jp/ja/cwe/CWE-20.html","refID":""}],"published":"2019-07-19T10:55:00+09:00","lastModified":"2019-07-19T10:55:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2017-12652","title":"","summary":"libpng before 1.6.32 does not properly check the length of chunks against the user limit.","cvss2Score":7.5,"cvss2Vector":"AV:N/AC:L/Au:N/C:P/I:P/A:P","cvss2Severity":"HIGH","cvss3Score":9.8,"cvss3Vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3Severity":"CRITICAL","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2017-12652","references":[{"source":"","link":"http://www.securityfocus.com/bid/109269","refID":""},{"source":"","link":"https://github.com/glennrp/libpng/blob/df7e9dae0c4aac63d55361e35709c864fa1b8363/ANNOUNCE","refID":""},{"source":"","link":"https://support.f5.com/csp/article/K88124225","refID":""},{"source":"","link":"https://support.f5.com/csp/article/K88124225?utm_source=f5support\u0026amp;utm_medium=RSS","refID":""}],"cweIDs":["CWE-20"],"published":"2019-07-10T15:15:00Z","lastModified":"2019-09-17T10:15:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2017-12652","title":"CVE-2017-12652 libpng: does not check length of chunks against user limit","summary":"libpng before 1.6.32 does not properly check the length of chunks against the user limit.","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":3.7,"cvss3Vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3Severity":"Low","sourceLink":"https://access.redhat.com/security/cve/CVE-2017-12652","cweIDs":["CWE-20"],"published":"2019-07-10T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":""}},"alertDict":{"ja":null,"en":null}},"CVE-2017-16939":{"cveID":"CVE-2017-16939","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"kernel","notFixedYet":true,"fixState":"Affected"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2017-16939","title":"Linux Kernel における認可・権限・アクセス制御に関する脆弱性","summary":"Linux Kernel には、認可・権限・アクセス制御に関する脆弱性が存在します。","cvss2Score":7.2,"cvss2Vector":"AV:L/AC:L/Au:N/C:C/I:C/A:C","cvss2Severity":"High","cvss3Score":7.8,"cvss3Vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3Severity":"High","sourceLink":"https://jvndb.jvn.jp/ja/contents/2017/JVNDB-2017-010567.html","references":[{"source":"CVE","link":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16939","refID":""},{"source":"NVD","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-16939","refID":""},{"source":"","link":"https://jvndb.jvn.jp/ja/cwe/CWE-264.html","refID":""}],"published":"2017-12-19T16:47:00+09:00","lastModified":"2017-12-19T16:47:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2017-16939","title":"","summary":"The XFRM dump policy implementation in net/xfrm/xfrm_user.c in the Linux kernel before 4.13.11 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted SO_RCVBUF setsockopt system call in conjunction with XFRM_MSG_GETPOLICY Netlink messages.","cvss2Score":7.2,"cvss2Vector":"AV:L/AC:L/Au:N/C:C/I:C/A:C","cvss2Severity":"HIGH","cvss3Score":7.8,"cvss3Vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3Severity":"HIGH","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2017-16939","references":[{"source":"","link":"http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1137b5e2529a8f5ca8ee709288ecba3e68044df2","refID":""},{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html","refID":""},{"source":"","link":"http://seclists.org/fulldisclosure/2017/Nov/40","refID":""},{"source":"","link":"http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.11","refID":""},{"source":"","link":"http://www.securityfocus.com/bid/101954","refID":""},{"source":"","link":"https://access.redhat.com/errata/RHSA-2018:1318","refID":""},{"source":"","link":"https://access.redhat.com/errata/RHSA-2018:1355","refID":""},{"source":"","link":"https://access.redhat.com/errata/RHSA-2019:1170","refID":""},{"source":"","link":"https://access.redhat.com/errata/RHSA-2019:1190","refID":""},{"source":"","link":"https://blogs.securiteam.com/index.php/archives/3535","refID":""},{"source":"","link":"https://bugzilla.suse.com/show_bug.cgi?id=1069702","refID":""},{"source":"","link":"https://github.com/torvalds/linux/commit/1137b5e2529a8f5ca8ee709288ecba3e68044df2","refID":""},{"source":"","link":"https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html","refID":""},{"source":"","link":"https://www.debian.org/security/2018/dsa-4082","refID":""}],"cweIDs":["CWE-416"],"published":"2017-11-24T10:29:00Z","lastModified":"2019-10-03T00:03:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2017-16939","title":"CVE-2017-16939 Kernel: ipsec: xfrm: use-after-free leading to potential privilege escalation","summary":"The XFRM dump policy implementation in net/xfrm/xfrm_user.c in the Linux kernel before 4.13.11 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted SO_RCVBUF setsockopt system call in conjunction with XFRM_MSG_GETPOLICY Netlink messages.\nThe Linux kernel is vulerable to a use-after-free flaw when Transformation User configuration interface(CONFIG_XFRM_USER) compile-time configuration were enabled. This vulnerability occurs while closing a xfrm netlink socket in xfrm_dump_policy_done. A user/process could abuse this flaw to potentially escalate their privileges on a system.","cvss2Score":6.2,"cvss2Vector":"AV:L/AC:H/Au:N/C:C/I:C/A:C","cvss2Severity":"Important","cvss3Score":8.1,"cvss3Vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H","cvss3Severity":"Important","sourceLink":"https://access.redhat.com/security/cve/CVE-2017-16939","cweIDs":["CWE-416"],"published":"2017-11-24T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":""}},"alertDict":{"ja":null,"en":null}},"CVE-2017-5715":{"cveID":"CVE-2017-5715","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"microcode_ctl","notFixedYet":true,"fixState":"Affected"},{"name":"linux-firmware","notFixedYet":true,"fixState":"Affected"},{"name":"kernel","notFixedYet":true,"fixState":"Affected"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2017-5715","title":"CPU に対するサイドチャネル攻撃","summary":"投機的実行機能やアウトオブオーダー実行機能を持つ CPU に対してサイドチャネル攻撃を行う手法が複数の研究者によって報告されています。\n\n投機的実行機能やアウトオブオーダー実行機能を持つ CPU に対してサイドチャネル攻撃を行う手法 (Spectre および Meltdown) が報告されています。\n\n詳細については、Google Project Zero のブログ記事(\"Reading privileged memory with a side-channel\")や Graz University of Technology (TU Graz) の研究者による情報(\"Meltdown and Spectre\")を参照してください。\n\n\"Reading privileged memory with a side-channel\"\nhttps://googleprojectzero.blogspot.jp/2018/01/reading-privileged-memory-with-side.html\n\n\"Meltdown and Spectre\"\nhttps://meltdownattack.com/","cvss2Score":4.4,"cvss2Vector":"AV:L/AC:M/Au:S/C:C/I:N/A:N","cvss2Severity":"Medium","cvss3Score":4.7,"cvss3Vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N","cvss3Severity":"Medium","sourceLink":"https://jvndb.jvn.jp/ja/contents/2018/JVNDB-2018-001001.html","published":"2018-01-04T18:47:00+09:00","lastModified":"2018-02-23T14:26:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2017-5715","title":"","summary":"Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.","cvss2Score":4.7,"cvss2Vector":"AV:L/AC:M/Au:N/C:C/I:N/A:N","cvss2Severity":"MEDIUM","cvss3Score":5.6,"cvss3Vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N","cvss3Severity":"MEDIUM","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2017-5715","references":[{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00002.html","refID":""},{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00003.html","refID":""},{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00004.html","refID":""},{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00005.html","refID":""},{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00006.html","refID":""},{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html","refID":""},{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00008.html","refID":""},{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00009.html","refID":""},{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00012.html","refID":""},{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00013.html","refID":""},{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00014.html","refID":""},{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00016.html","refID":""},{"source":"","link":"http://nvidia.custhelp.com/app/answers/detail/a_id/4609","refID":""},{"source":"","link":"http://nvidia.custhelp.com/app/answers/detail/a_id/4611","refID":""},{"source":"","link":"http://nvidia.custhelp.com/app/answers/detail/a_id/4613","refID":""},{"source":"","link":"http://nvidia.custhelp.com/app/answers/detail/a_id/4614","refID":""},{"source":"","link":"http://packetstormsecurity.com/files/145645/Spectre-Information-Disclosure-Proof-Of-Concept.html","refID":""},{"source":"","link":"http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-001.txt","refID":""},{"source":"","link":"http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-003.txt","refID":""},{"source":"","link":"http://www.kb.cert.org/vuls/id/584653","refID":""},{"source":"","link":"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html","refID":""},{"source":"","link":"http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html","refID":""},{"source":"","link":"http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html","refID":""},{"source":"","link":"http://www.securityfocus.com/bid/102376","refID":""},{"source":"","link":"http://www.securitytracker.com/id/1040071","refID":""},{"source":"","link":"http://xenbits.xen.org/xsa/advisory-254.html","refID":""},{"source":"","link":"https://access.redhat.com/errata/RHSA-2018:0292","refID":""},{"source":"","link":"https://access.redhat.com/security/vulnerabilities/speculativeexecution","refID":""},{"source":"","link":"https://aws.amazon.com/de/security/security-bulletins/AWS-2018-013/","refID":""},{"source":"","link":"https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/","refID":""},{"source":"","link":"https://cert.vde.com/en-us/advisories/vde-2018-002","refID":""},{"source":"","link":"https://cert.vde.com/en-us/advisories/vde-2018-003","refID":""},{"source":"","link":"https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability","refID":""},{"source":"","link":"https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html","refID":""},{"source":"","link":"https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes","refID":""},{"source":"","link":"https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html","refID":""},{"source":"","link":"https://lists.debian.org/debian-lts-announce/2018/07/msg00015.html","refID":""},{"source":"","link":"https://lists.debian.org/debian-lts-announce/2018/07/msg00016.html","refID":""},{"source":"","link":"https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html","refID":""},{"source":"","link":"https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html","refID":""},{"source":"","link":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002","refID":""},{"source":"","link":"https://seclists.org/bugtraq/2019/Jun/36","refID":""},{"source":"","link":"https://security.FreeBSD.org/advisories/FreeBSD-SA-18:03.speculative_execution.asc","refID":""},{"source":"","link":"https://security.gentoo.org/glsa/201810-06","refID":""},{"source":"","link":"https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html","refID":""},{"source":"","link":"https://security.netapp.com/advisory/ntap-20180104-0001/","refID":""},{"source":"","link":"https://securityadvisories.paloaltonetworks.com/Home/Detail/121","refID":""},{"source":"","link":"https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00088\u0026languageid=en-fr","refID":""},{"source":"","link":"https://spectreattack.com/","refID":""},{"source":"","link":"https://support.citrix.com/article/CTX231399","refID":""},{"source":"","link":"https://support.f5.com/csp/article/K91229003","refID":""},{"source":"","link":"https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03805en_us","refID":""},{"source":"","link":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03871en_us","refID":""},{"source":"","link":"https://support.lenovo.com/us/en/solutions/LEN-18282","refID":""},{"source":"","link":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180104-cpusidechannel","refID":""},{"source":"","link":"https://usn.ubuntu.com/3531-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/3531-3/","refID":""},{"source":"","link":"https://usn.ubuntu.com/3540-2/","refID":""},{"source":"","link":"https://usn.ubuntu.com/3541-2/","refID":""},{"source":"","link":"https://usn.ubuntu.com/3542-2/","refID":""},{"source":"","link":"https://usn.ubuntu.com/3549-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/3560-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/3561-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/3580-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/3581-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/3581-2/","refID":""},{"source":"","link":"https://usn.ubuntu.com/3582-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/3582-2/","refID":""},{"source":"","link":"https://usn.ubuntu.com/3594-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/3597-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/3597-2/","refID":""},{"source":"","link":"https://usn.ubuntu.com/3620-2/","refID":""},{"source":"","link":"https://usn.ubuntu.com/3690-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/3777-3/","refID":""},{"source":"","link":"https://usn.ubuntu.com/usn/usn-3516-1/","refID":""},{"source":"","link":"https://www.debian.org/security/2018/dsa-4120","refID":""},{"source":"","link":"https://www.debian.org/security/2018/dsa-4187","refID":""},{"source":"","link":"https://www.debian.org/security/2018/dsa-4188","refID":""},{"source":"","link":"https://www.debian.org/security/2018/dsa-4213","refID":""},{"source":"","link":"https://www.exploit-db.com/exploits/43427/","refID":""},{"source":"","link":"https://www.kb.cert.org/vuls/id/180049","refID":""},{"source":"","link":"https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0001","refID":""},{"source":"","link":"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html","refID":""},{"source":"","link":"https://www.suse.com/c/suse-addresses-meltdown-spectre-vulnerabilities/","refID":""},{"source":"","link":"https://www.synology.com/support/security/Synology_SA_18_01","refID":""},{"source":"","link":"https://www.vmware.com/security/advisories/VMSA-2018-0007.html","refID":""},{"source":"","link":"https://www.vmware.com/us/security/advisories/VMSA-2018-0002.html","refID":""},{"source":"","link":"https://www.vmware.com/us/security/advisories/VMSA-2018-0004.html","refID":""}],"cweIDs":["CWE-200"],"published":"2018-01-04T13:29:00Z","lastModified":"2018-11-30T21:31:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2017-5715","title":"CVE-2017-5715 hw: cpu: speculative execution branch target injection","summary":"Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.\nAn industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimization). There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Variant CVE-2017-5715 triggers the speculative execution by utilizing branch target injection. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall and guest/host boundaries and read privileged memory by conducting targeted cache side-channel attacks.","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":5.6,"cvss3Vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N","cvss3Severity":"Important","sourceLink":"https://access.redhat.com/security/cve/CVE-2017-5715","references":[{"source":"","link":"https://access.redhat.com/security/vulnerabilities/speculativeexecution\nhttps://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html\nhttps://spectreattack.com/\nhttps://meltdownattack.com","refID":""}],"cweIDs":["CWE-200"],"published":"2018-01-03T22:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":""}},"exploits":[{"exploitType":"OffensiveSecurity","id":"43427","url":"https://www.exploit-db.com/exploits/43427","description":"Multiple CPUs - 'Spectre' Information Disclosure","documentURL":"https://github.com/offensive-security/exploitdb/exploits/multiple/local/43427.c"}],"alertDict":{"ja":null,"en":[{"url":"http://www.kb.cert.org/vuls/id/584653","title":"VU#584653 - CPU hardware vulnerable to side-channel attackssearchmenuicon-carat-rightcmu-wordmark","team":"us"}]}},"CVE-2017-5753":{"cveID":"CVE-2017-5753","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"kernel","notFixedYet":true,"fixState":"Affected"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2017-5753","title":"CPU に対するサイドチャネル攻撃","summary":"投機的実行機能やアウトオブオーダー実行機能を持つ CPU に対してサイドチャネル攻撃を行う手法が複数の研究者によって報告されています。\n\n投機的実行機能やアウトオブオーダー実行機能を持つ CPU に対してサイドチャネル攻撃を行う手法 (Spectre および Meltdown) が報告されています。\n\n詳細については、Google Project Zero のブログ記事(\"Reading privileged memory with a side-channel\")や Graz University of Technology (TU Graz) の研究者による情報(\"Meltdown and Spectre\")を参照してください。\n\n\"Reading privileged memory with a side-channel\"\nhttps://googleprojectzero.blogspot.jp/2018/01/reading-privileged-memory-with-side.html\n\n\"Meltdown and Spectre\"\nhttps://meltdownattack.com/","cvss2Score":4.4,"cvss2Vector":"AV:L/AC:M/Au:S/C:C/I:N/A:N","cvss2Severity":"Medium","cvss3Score":4.7,"cvss3Vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N","cvss3Severity":"Medium","sourceLink":"https://jvndb.jvn.jp/ja/contents/2018/JVNDB-2018-001001.html","published":"2018-01-04T18:47:00+09:00","lastModified":"2018-02-23T14:26:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2017-5753","title":"","summary":"Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.","cvss2Score":4.7,"cvss2Vector":"AV:L/AC:M/Au:N/C:C/I:N/A:N","cvss2Severity":"MEDIUM","cvss3Score":5.6,"cvss3Vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N","cvss3Severity":"MEDIUM","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2017-5753","references":[{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00006.html","refID":""},{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html","refID":""},{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00008.html","refID":""},{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00014.html","refID":""},{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00016.html","refID":""},{"source":"","link":"http://nvidia.custhelp.com/app/answers/detail/a_id/4609","refID":""},{"source":"","link":"http://nvidia.custhelp.com/app/answers/detail/a_id/4611","refID":""},{"source":"","link":"http://nvidia.custhelp.com/app/answers/detail/a_id/4613","refID":""},{"source":"","link":"http://nvidia.custhelp.com/app/answers/detail/a_id/4614","refID":""},{"source":"","link":"http://packetstormsecurity.com/files/145645/Spectre-Information-Disclosure-Proof-Of-Concept.html","refID":""},{"source":"","link":"http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-001.txt","refID":""},{"source":"","link":"http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-003.txt","refID":""},{"source":"","link":"http://www.kb.cert.org/vuls/id/584653","refID":""},{"source":"","link":"http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html","refID":""},{"source":"","link":"http://www.securityfocus.com/bid/102371","refID":""},{"source":"","link":"http://www.securitytracker.com/id/1040071","refID":""},{"source":"","link":"http://xenbits.xen.org/xsa/advisory-254.html","refID":""},{"source":"","link":"https://01.org/security/advisories/intel-oss-10002","refID":""},{"source":"","link":"https://access.redhat.com/errata/RHSA-2018:0292","refID":""},{"source":"","link":"https://access.redhat.com/security/vulnerabilities/speculativeexecution","refID":""},{"source":"","link":"https://aws.amazon.com/de/security/security-bulletins/AWS-2018-013/","refID":""},{"source":"","link":"https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/","refID":""},{"source":"","link":"https://cert.vde.com/en-us/advisories/vde-2018-002","refID":""},{"source":"","link":"https://cert.vde.com/en-us/advisories/vde-2018-003","refID":""},{"source":"","link":"https://cert-portal.siemens.com/productcert/pdf/ssa-505225.pdf","refID":""},{"source":"","link":"https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability","refID":""},{"source":"","link":"https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html","refID":""},{"source":"","link":"https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes","refID":""},{"source":"","link":"https://lists.debian.org/debian-lts-announce/2018/07/msg00015.html","refID":""},{"source":"","link":"https://lists.debian.org/debian-lts-announce/2018/07/msg00016.html","refID":""},{"source":"","link":"https://lists.debian.org/debian-lts-announce/2018/07/msg00020.html","refID":""},{"source":"","link":"https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html","refID":""},{"source":"","link":"https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html","refID":""},{"source":"","link":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002","refID":""},{"source":"","link":"https://seclists.org/bugtraq/2019/Jun/36","refID":""},{"source":"","link":"https://security.gentoo.org/glsa/201810-06","refID":""},{"source":"","link":"https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html","refID":""},{"source":"","link":"https://security.netapp.com/advisory/ntap-20180104-0001/","refID":""},{"source":"","link":"https://spectreattack.com/","refID":""},{"source":"","link":"https://support.citrix.com/article/CTX231399","refID":""},{"source":"","link":"https://support.f5.com/csp/article/K91229003","refID":""},{"source":"","link":"https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03805en_us","refID":""},{"source":"","link":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03871en_us","refID":""},{"source":"","link":"https://support.lenovo.com/us/en/solutions/LEN-18282","refID":""},{"source":"","link":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180104-cpusidechannel","refID":""},{"source":"","link":"https://usn.ubuntu.com/3540-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/3540-2/","refID":""},{"source":"","link":"https://usn.ubuntu.com/3541-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/3541-2/","refID":""},{"source":"","link":"https://usn.ubuntu.com/3542-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/3542-2/","refID":""},{"source":"","link":"https://usn.ubuntu.com/3549-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/3580-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/3597-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/3597-2/","refID":""},{"source":"","link":"https://usn.ubuntu.com/usn/usn-3516-1/","refID":""},{"source":"","link":"https://www.debian.org/security/2018/dsa-4187","refID":""},{"source":"","link":"https://www.debian.org/security/2018/dsa-4188","refID":""},{"source":"","link":"https://www.exploit-db.com/exploits/43427/","refID":""},{"source":"","link":"https://www.kb.cert.org/vuls/id/180049","refID":""},{"source":"","link":"https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0001","refID":""},{"source":"","link":"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html","refID":""},{"source":"","link":"https://www.suse.com/c/suse-addresses-meltdown-spectre-vulnerabilities/","refID":""},{"source":"","link":"https://www.synology.com/support/security/Synology_SA_18_01","refID":""},{"source":"","link":"https://www.vmware.com/us/security/advisories/VMSA-2018-0002.html","refID":""}],"cweIDs":["CWE-200"],"published":"2018-01-04T13:29:00Z","lastModified":"2019-04-23T19:30:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2017-5753","title":"CVE-2017-5753 hw: cpu: speculative execution bounds-check bypass","summary":"Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.\nAn industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimization). There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Variant CVE-2017-5753 triggers the speculative execution by performing a bounds-check bypass. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall boundary and read privileged memory by conducting targeted cache side-channel attacks.","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":5.5,"cvss3Vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","cvss3Severity":"Important","sourceLink":"https://access.redhat.com/security/cve/CVE-2017-5753","references":[{"source":"","link":"https://access.redhat.com/security/vulnerabilities/speculativeexecution\nhttps://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html\nhttps://spectreattack.com/\nhttps://meltdownattack.com","refID":""}],"cweIDs":["CWE-200"],"published":"2018-01-03T22:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":""}},"exploits":[{"exploitType":"OffensiveSecurity","id":"43427","url":"https://www.exploit-db.com/exploits/43427","description":"Multiple CPUs - 'Spectre' Information Disclosure","documentURL":"https://github.com/offensive-security/exploitdb/exploits/multiple/local/43427.c"}],"alertDict":{"ja":null,"en":[{"url":"https://www.kb.cert.org/vuls/id/180049","title":"VU#584653 - CPU hardware vulnerable to side-channel attackssearchmenuicon-carat-rightcmu-wordmark","team":"us"},{"url":"https://www.kb.cert.org/vuls/id/180049","title":"VU#180049 - CPU hardware utilizing speculative execution may be vulnerable to cache side-channel attackssearchmenuicon-carat-rightcmu-wordmark","team":"us"}]}},"CVE-2017-5754":{"cveID":"CVE-2017-5754","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"kernel","notFixedYet":true,"fixState":"Affected"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2017-5754","title":"CPU に対するサイドチャネル攻撃","summary":"投機的実行機能やアウトオブオーダー実行機能を持つ CPU に対してサイドチャネル攻撃を行う手法が複数の研究者によって報告されています。\n\n投機的実行機能やアウトオブオーダー実行機能を持つ CPU に対してサイドチャネル攻撃を行う手法 (Spectre および Meltdown) が報告されています。\n\n詳細については、Google Project Zero のブログ記事(\"Reading privileged memory with a side-channel\")や Graz University of Technology (TU Graz) の研究者による情報(\"Meltdown and Spectre\")を参照してください。\n\n\"Reading privileged memory with a side-channel\"\nhttps://googleprojectzero.blogspot.jp/2018/01/reading-privileged-memory-with-side.html\n\n\"Meltdown and Spectre\"\nhttps://meltdownattack.com/","cvss2Score":4.4,"cvss2Vector":"AV:L/AC:M/Au:S/C:C/I:N/A:N","cvss2Severity":"Medium","cvss3Score":4.7,"cvss3Vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N","cvss3Severity":"Medium","sourceLink":"https://jvndb.jvn.jp/ja/contents/2018/JVNDB-2018-001001.html","references":[{"source":"JVN","link":"http://jvn.jp/vu/JVNVU93823979/index.html","refID":""},{"source":"JVN","link":"http://jvn.jp/vu/JVNVU94630516/","refID":""},{"source":"CVE","link":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5715","refID":""},{"source":"CVE","link":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5753","refID":""},{"source":"CVE","link":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5754","refID":""},{"source":"NVD","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-5715","refID":""},{"source":"NVD","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-5754","refID":""},{"source":"NVD","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-5753","refID":""},{"source":"CERT-SA","link":"https://www.us-cert.gov/ncas/alerts/TA18-004A","refID":""},{"source":"CERT-VN","link":"https://www.kb.cert.org/vuls/id/584653","refID":""},{"source":"ICS-CERT ALERT","link":"https://ics-cert.us-cert.gov/alerts/ICS-ALERT-18-011-01A","refID":""},{"source":"関連文書","link":"http://blog.cyberus-technology.de/posts/2018-01-03-meltdown.html","refID":""},{"source":"関連文書","link":"https://meltdownattack.com/","refID":""},{"source":"関連文書","link":"https://googleprojectzero.blogspot.jp/2018/01/reading-privileged-memory-with-side.html","refID":""},{"source":"","link":"https://jvndb.jvn.jp/ja/cwe/CWE-200.html","refID":""}],"published":"2018-01-04T18:47:00+09:00","lastModified":"2018-02-23T14:26:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2017-5754","title":"","summary":"Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache.","cvss2Score":4.7,"cvss2Vector":"AV:L/AC:M/Au:N/C:C/I:N/A:N","cvss2Severity":"MEDIUM","cvss3Score":5.6,"cvss3Vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N","cvss3Severity":"MEDIUM","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2017-5754","references":[{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00006.html","refID":""},{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html","refID":""},{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00008.html","refID":""},{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00014.html","refID":""},{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00016.html","refID":""},{"source":"","link":"http://nvidia.custhelp.com/app/answers/detail/a_id/4609","refID":""},{"source":"","link":"http://nvidia.custhelp.com/app/answers/detail/a_id/4611","refID":""},{"source":"","link":"http://nvidia.custhelp.com/app/answers/detail/a_id/4613","refID":""},{"source":"","link":"http://nvidia.custhelp.com/app/answers/detail/a_id/4614","refID":""},{"source":"","link":"http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-001.txt","refID":""},{"source":"","link":"http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-003.txt","refID":""},{"source":"","link":"http://www.kb.cert.org/vuls/id/584653","refID":""},{"source":"","link":"http://www.securityfocus.com/bid/102378","refID":""},{"source":"","link":"http://www.securityfocus.com/bid/106128","refID":""},{"source":"","link":"http://www.securitytracker.com/id/1040071","refID":""},{"source":"","link":"http://xenbits.xen.org/xsa/advisory-254.html","refID":""},{"source":"","link":"https://01.org/security/advisories/intel-oss-10003","refID":""},{"source":"","link":"https://access.redhat.com/errata/RHSA-2018:0292","refID":""},{"source":"","link":"https://access.redhat.com/security/vulnerabilities/speculativeexecution","refID":""},{"source":"","link":"https://aws.amazon.com/de/security/security-bulletins/AWS-2018-013/","refID":""},{"source":"","link":"https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/","refID":""},{"source":"","link":"https://cert.vde.com/en-us/advisories/vde-2018-002","refID":""},{"source":"","link":"https://cert.vde.com/en-us/advisories/vde-2018-003","refID":""},{"source":"","link":"https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability","refID":""},{"source":"","link":"https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html","refID":""},{"source":"","link":"https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0","refID":""},{"source":"","link":"https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes","refID":""},{"source":"","link":"https://lists.debian.org/debian-lts-announce/2018/01/msg00004.html","refID":""},{"source":"","link":"https://meltdownattack.com/","refID":""},{"source":"","link":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002","refID":""},{"source":"","link":"https://security.FreeBSD.org/advisories/FreeBSD-SA-18:03.speculative_execution.asc","refID":""},{"source":"","link":"https://security.gentoo.org/glsa/201810-06","refID":""},{"source":"","link":"https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html","refID":""},{"source":"","link":"https://security.netapp.com/advisory/ntap-20180104-0001/","refID":""},{"source":"","link":"https://source.android.com/security/bulletin/2018-04-01","refID":""},{"source":"","link":"https://support.citrix.com/article/CTX231399","refID":""},{"source":"","link":"https://support.citrix.com/article/CTX234679","refID":""},{"source":"","link":"https://support.f5.com/csp/article/K91229003","refID":""},{"source":"","link":"https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03805en_us","refID":""},{"source":"","link":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03871en_us","refID":""},{"source":"","link":"https://support.lenovo.com/us/en/solutions/LEN-18282","refID":""},{"source":"","link":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180104-cpusidechannel","refID":""},{"source":"","link":"https://usn.ubuntu.com/3522-3/","refID":""},{"source":"","link":"https://usn.ubuntu.com/3522-4/","refID":""},{"source":"","link":"https://usn.ubuntu.com/3523-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/3540-2/","refID":""},{"source":"","link":"https://usn.ubuntu.com/3541-2/","refID":""},{"source":"","link":"https://usn.ubuntu.com/3583-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/3597-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/3597-2/","refID":""},{"source":"","link":"https://usn.ubuntu.com/usn/usn-3516-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/usn/usn-3522-2/","refID":""},{"source":"","link":"https://usn.ubuntu.com/usn/usn-3523-2/","refID":""},{"source":"","link":"https://usn.ubuntu.com/usn/usn-3524-2/","refID":""},{"source":"","link":"https://usn.ubuntu.com/usn/usn-3525-1/","refID":""},{"source":"","link":"https://www.codeaurora.org/security-bulletin/2018/07/02/july-2018-code-aurora-security-bulletin","refID":""},{"source":"","link":"https://www.debian.org/security/2018/dsa-4078","refID":""},{"source":"","link":"https://www.debian.org/security/2018/dsa-4082","refID":""},{"source":"","link":"https://www.debian.org/security/2018/dsa-4120","refID":""},{"source":"","link":"https://www.kb.cert.org/vuls/id/180049","refID":""},{"source":"","link":"https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0001","refID":""},{"source":"","link":"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html","refID":""},{"source":"","link":"https://www.suse.com/c/suse-addresses-meltdown-spectre-vulnerabilities/","refID":""},{"source":"","link":"https://www.synology.com/support/security/Synology_SA_18_01","refID":""}],"cweIDs":["CWE-200"],"published":"2018-01-04T13:29:00Z","lastModified":"2019-04-23T19:30:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2017-5754","title":"CVE-2017-5754 hw: cpu: speculative execution permission faults handling","summary":"Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache.\nAn industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimization). There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Variant CVE-2017-5754 relies on the fact that, on impacted microprocessors, during speculative execution of instruction permission faults, exception generation triggered by a faulting access is suppressed until the retirement of the whole instruction block. In a combination with the fact that memory accesses may populate the cache even when the block is being dropped and never committed (executed), an unprivileged local attacker could use this flaw to read privileged (kernel space) memory by conducting targeted cache side-channel attacks. Note: CVE-2017-5754 affects Intel x86-64 microprocessors. AMD x86-64 microprocessors are not affected by this issue.","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":5.5,"cvss3Vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","cvss3Severity":"Important","sourceLink":"https://access.redhat.com/security/cve/CVE-2017-5754","references":[{"source":"","link":"https://access.redhat.com/security/vulnerabilities/speculativeexecution\nhttps://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html\nhttps://spectreattack.com/\nhttps://meltdownattack.com","refID":""}],"cweIDs":["CWE-200"],"published":"2018-01-03T22:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":""}},"alertDict":{"ja":null,"en":[{"url":"http://www.kb.cert.org/vuls/id/584653","title":"VU#584653 - CPU hardware vulnerable to side-channel attackssearchmenuicon-carat-rightcmu-wordmark","team":"us"}]}},"CVE-2018-0735":{"cveID":"CVE-2018-0735","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"openssl","notFixedYet":true,"fixState":"Affected"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2018-0735","title":"OpenSSL ECDSA 署名アルゴリズムにおける鍵管理のエラーに関する脆弱性","summary":"OpenSSL ECDSA 署名アルゴリズムには、鍵管理のエラーに関する脆弱性が存在します","cvss2Score":4.3,"cvss2Vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","cvss2Severity":"Medium","cvss3Score":5.9,"cvss3Vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N","cvss3Severity":"Medium","sourceLink":"https://jvndb.jvn.jp/ja/contents/2018/JVNDB-2018-014030.html","references":[{"source":"CVE","link":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0735","refID":""},{"source":"NVD","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-0735","refID":""},{"source":"","link":"https://cwe.mitre.org/data/definitions/320.html","refID":""}],"published":"2019-03-11T14:01:00+09:00","lastModified":"2019-03-11T14:01:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2018-0735","title":"","summary":"The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in OpenSSL 1.1.1a (Affected 1.1.1).","cvss2Score":4.3,"cvss2Vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","cvss2Severity":"MEDIUM","cvss3Score":5.9,"cvss3Vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N","cvss3Severity":"MEDIUM","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2018-0735","references":[{"source":"","link":"http://www.securityfocus.com/bid/105750","refID":""},{"source":"","link":"http://www.securitytracker.com/id/1041986","refID":""},{"source":"","link":"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=56fb454d281a023b3f950d969693553d3f3ceea1","refID":""},{"source":"","link":"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b1d6d55ece1c26fa2829e2b819b038d7b6d692b4","refID":""},{"source":"","link":"https://lists.debian.org/debian-lts-announce/2018/11/msg00024.html","refID":""},{"source":"","link":"https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/","refID":""},{"source":"","link":"https://security.netapp.com/advisory/ntap-20181105-0002/","refID":""},{"source":"","link":"https://usn.ubuntu.com/3840-1/","refID":""},{"source":"","link":"https://www.debian.org/security/2018/dsa-4348","refID":""},{"source":"","link":"https://www.openssl.org/news/secadv/20181029.txt","refID":""},{"source":"","link":"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html","refID":""},{"source":"","link":"https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html","refID":""},{"source":"","link":"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html","refID":""}],"cweIDs":["CWE-320"],"published":"2018-10-29T13:29:00Z","lastModified":"2019-07-23T23:15:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2018-0735","title":"CVE-2018-0735 openssl: timing side channel attack in the ECDSA signature generation","summary":"The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in OpenSSL 1.1.1a (Affected 1.1.1).","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":5.1,"cvss3Vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N","cvss3Severity":"Low","sourceLink":"https://access.redhat.com/security/cve/CVE-2018-0735","cweIDs":["CWE-385"],"published":"2018-10-25T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":""}},"alertDict":{"ja":null,"en":null}},"CVE-2018-10360":{"cveID":"CVE-2018-10360","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"file","notFixedYet":true,"fixState":"Affected"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2018-10360","title":"file における境界外読み取りに関する脆弱性","summary":"file には、境界外読み取りに関する脆弱性が存在します。","cvss2Score":4.3,"cvss2Vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","cvss2Severity":"Medium","cvss3Score":6.5,"cvss3Vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3Severity":"Medium","sourceLink":"https://jvndb.jvn.jp/ja/contents/2018/JVNDB-2018-006269.html","references":[{"source":"CVE","link":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10360","refID":""},{"source":"NVD","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-10360","refID":""},{"source":"","link":"https://cwe.mitre.org/data/definitions/125.html","refID":""}],"published":"2018-08-14T14:45:00+09:00","lastModified":"2018-08-14T14:45:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2018-10360","title":"","summary":"The do_core_note function in readelf.c in libmagic.a in file 5.33 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted ELF file.","cvss2Score":4.3,"cvss2Vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","cvss2Severity":"MEDIUM","cvss3Score":6.5,"cvss3Vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3Severity":"MEDIUM","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2018-10360","references":[{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00027.html","refID":""},{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00053.html","refID":""},{"source":"","link":"https://github.com/file/file/commit/a642587a9c9e2dd7feacdf513c3643ce26ad3c22","refID":""},{"source":"","link":"https://security.gentoo.org/glsa/201806-08","refID":""},{"source":"","link":"https://usn.ubuntu.com/3686-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/3686-2/","refID":""}],"cweIDs":["CWE-125"],"published":"2018-06-11T10:29:00Z","lastModified":"2019-05-02T14:40:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2018-10360","title":"CVE-2018-10360 file: out-of-bounds read via a crafted ELF file","summary":"The do_core_note function in readelf.c in libmagic.a in file 5.33 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted ELF file.","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":4.3,"cvss3Vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3Severity":"Low","sourceLink":"https://access.redhat.com/security/cve/CVE-2018-10360","cweIDs":["CWE-125"],"published":"2018-06-09T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":""}},"alertDict":{"ja":null,"en":null}},"CVE-2018-1116":{"cveID":"CVE-2018-1116","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"polkit","notFixedYet":true,"fixState":"Affected"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2018-1116","title":"polkit における情報漏えいに関する脆弱性","summary":"polkit には、情報漏えいに関する脆弱性が存在します。","cvss2Score":3.6,"cvss2Vector":"AV:L/AC:L/Au:N/C:P/I:N/A:P","cvss2Severity":"Low","cvss3Score":7.1,"cvss3Vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","cvss3Severity":"High","sourceLink":"https://jvndb.jvn.jp/ja/contents/2018/JVNDB-2018-008006.html","references":[{"source":"CVE","link":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1116","refID":""},{"source":"NVD","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-1116","refID":""},{"source":"関連文書","link":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1116","refID":""},{"source":"","link":"https://jvndb.jvn.jp/ja/cwe/CWE-200.html","refID":""}],"published":"2018-10-04T17:57:00+09:00","lastModified":"2018-10-04T17:57:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2018-1116","title":"","summary":"A flaw was found in polkit before version 0.116. The implementation of the polkit_backend_interactive_authority_check_authorization function in polkitd allows to test for authentication and trigger authentication of unrelated processes owned by other users. This may result in a local DoS and information disclosure.","cvss2Score":3.6,"cvss2Vector":"AV:L/AC:L/Au:N/C:P/I:N/A:P","cvss2Severity":"LOW","cvss3Score":7.1,"cvss3Vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","cvss3Severity":"HIGH","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2018-1116","references":[{"source":"","link":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1116","refID":""},{"source":"","link":"https://cgit.freedesktop.org/polkit/commit/?id=bc7ffad5364","refID":""},{"source":"","link":"https://lists.debian.org/debian-lts-announce/2018/07/msg00042.html","refID":""},{"source":"","link":"https://security.gentoo.org/glsa/201908-14","refID":""},{"source":"","link":"https://usn.ubuntu.com/3717-2/","refID":""}],"cweIDs":["CWE-200"],"published":"2018-07-10T19:29:00Z","lastModified":"2019-10-09T23:38:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2018-1116","title":"CVE-2018-1116 polkit: Improper authorization in polkit_backend_interactive_authority_check_authorization function in polkitd","summary":"A flaw was found in polkit before version 0.116. The implementation of the polkit_backend_interactive_authority_check_authorization function in polkitd allows to test for authentication and trigger authentication of unrelated processes owned by other users. This may result in a local DoS and information disclosure.\nIt was found that Polkit's CheckAuthorization and RegisterAuthenticationAgent D-Bus calls did not validate the client provided UID. A specially crafted program could use this flaw to submit arbitrary UIDs, triggering various denial of service or minor disclosures, such as which authentication is cached in the victim's session.","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":4.4,"cvss3Vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L","cvss3Severity":"Low","sourceLink":"https://access.redhat.com/security/cve/CVE-2018-1116","cweIDs":["CWE-285"],"published":"2018-07-10T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":""}},"alertDict":{"ja":null,"en":null}},"CVE-2018-14609":{"cveID":"CVE-2018-14609","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"kernel","notFixedYet":true,"fixState":"Affected"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2018-14609","title":"Linux Kernel における NULL ポインタデリファレンスに関する脆弱性","summary":"Linux Kernel には、NULL ポインタデリファレンスに関する脆弱性が存在します。","cvss2Score":7.1,"cvss2Vector":"AV:N/AC:M/Au:N/C:N/I:N/A:C","cvss2Severity":"High","cvss3Score":5.5,"cvss3Vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3Severity":"Medium","sourceLink":"https://jvndb.jvn.jp/ja/contents/2018/JVNDB-2018-008356.html","references":[{"source":"CVE","link":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14609","refID":""},{"source":"NVD","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-14609","refID":""},{"source":"","link":"http://cwe.mitre.org/data/definitions/476.html","refID":""}],"published":"2018-10-16T13:37:00+09:00","lastModified":"2018-10-16T13:37:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2018-14609","title":"","summary":"An issue was discovered in the Linux kernel through 4.17.10. There is an invalid pointer dereference in __del_reloc_root() in fs/btrfs/relocation.c when mounting a crafted btrfs image, related to removing reloc rb_trees when reloc control has not been initialized.","cvss2Score":7.1,"cvss2Vector":"AV:N/AC:M/Au:N/C:N/I:N/A:C","cvss2Severity":"HIGH","cvss3Score":5.5,"cvss3Vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3Severity":"MEDIUM","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2018-14609","references":[{"source":"","link":"http://www.securityfocus.com/bid/104917","refID":""},{"source":"","link":"https://bugzilla.kernel.org/show_bug.cgi?id=199833","refID":""},{"source":"","link":"https://lists.debian.org/debian-lts-announce/2018/10/msg00003.html","refID":""},{"source":"","link":"https://patchwork.kernel.org/patch/10500521/","refID":""},{"source":"","link":"https://usn.ubuntu.com/3821-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/3821-2/","refID":""},{"source":"","link":"https://usn.ubuntu.com/4094-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/4118-1/","refID":""},{"source":"","link":"https://www.debian.org/security/2018/dsa-4308","refID":""}],"cweIDs":["CWE-476"],"published":"2018-07-27T04:29:00Z","lastModified":"2019-08-13T19:15:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2018-14609","title":"CVE-2018-14609 kernel: Invalid pointer dereference in fs/btrfs/relocation.c:__del_reloc_root() when mounting crafted btrfs image","summary":"An issue was discovered in the Linux kernel through 4.17.10. There is an invalid pointer dereference in __del_reloc_root() in fs/btrfs/relocation.c when mounting a crafted btrfs image, related to removing reloc rb_trees when reloc control has not been initialized.\nAn issue was discovered in the btrfs filesystem code in the Linux kernel. An invalid pointer dereference in __del_reloc_root() in fs/btrfs/relocation.c when mounting a crafted btrfs image could lead to a system crash and a denial of service.","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":4.6,"cvss3Vector":"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3Severity":"Low","sourceLink":"https://access.redhat.com/security/cve/CVE-2018-14609","cweIDs":["CWE-476","CWE-400"],"published":"2018-05-26T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":""}},"alertDict":{"ja":null,"en":null}},"CVE-2018-14612":{"cveID":"CVE-2018-14612","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"kernel","notFixedYet":true,"fixState":"Affected"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2018-14612","title":"Linux Kernel における NULL ポインタデリファレンスに関する脆弱性","summary":"Linux Kernel には、NULL ポインタデリファレンスに関する脆弱性が存在します。","cvss2Score":7.1,"cvss2Vector":"AV:N/AC:M/Au:N/C:N/I:N/A:C","cvss2Severity":"High","cvss3Score":5.5,"cvss3Vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3Severity":"Medium","sourceLink":"https://jvndb.jvn.jp/ja/contents/2018/JVNDB-2018-008359.html","references":[{"source":"CVE","link":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14612","refID":""},{"source":"NVD","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-14612","refID":""},{"source":"","link":"http://cwe.mitre.org/data/definitions/476.html","refID":""}],"published":"2018-10-16T13:37:00+09:00","lastModified":"2018-10-16T13:37:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2018-14612","title":"","summary":"An issue was discovered in the Linux kernel through 4.17.10. There is an invalid pointer dereference in btrfs_root_node() when mounting a crafted btrfs image, because of a lack of chunk block group mapping validation in btrfs_read_block_groups in fs/btrfs/extent-tree.c, and a lack of empty-tree checks in check_leaf in fs/btrfs/tree-checker.c.","cvss2Score":7.1,"cvss2Vector":"AV:N/AC:M/Au:N/C:N/I:N/A:C","cvss2Severity":"HIGH","cvss3Score":5.5,"cvss3Vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3Severity":"MEDIUM","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2018-14612","references":[{"source":"","link":"http://www.securityfocus.com/bid/104917","refID":""},{"source":"","link":"https://bugzilla.kernel.org/show_bug.cgi?id=199847","refID":""},{"source":"","link":"https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html","refID":""},{"source":"","link":"https://patchwork.kernel.org/patch/10503403/","refID":""},{"source":"","link":"https://patchwork.kernel.org/patch/10503413/","refID":""},{"source":"","link":"https://usn.ubuntu.com/3932-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/3932-2/","refID":""},{"source":"","link":"https://usn.ubuntu.com/4094-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/4118-1/","refID":""}],"cweIDs":["CWE-476"],"published":"2018-07-27T04:29:00Z","lastModified":"2019-04-03T01:29:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2018-14612","title":"CVE-2018-14612 kernel: Invalid pointer dereference in btrfs_root_node() when mounting a crafted btrfs image","summary":"An issue was discovered in the Linux kernel through 4.17.10. There is an invalid pointer dereference in btrfs_root_node() when mounting a crafted btrfs image, because of a lack of chunk block group mapping validation in btrfs_read_block_groups in fs/btrfs/extent-tree.c, and a lack of empty-tree checks in check_leaf in fs/btrfs/tree-checker.c.\nAn issue was discovered in the btrfs filesystem code in the Linux kernel. An invalid NULL pointer dereference in btrfs_root_node() when mounting a crafted btrfs image is due to a lack of chunk block group mapping validation in btrfs_read_block_groups() in the fs/btrfs/extent-tree.c function and a lack of empty-tree checks in check_leaf() in fs/btrfs/tree-checker.c function. This could lead to a system crash and a denial of service.","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":4.6,"cvss3Vector":"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3Severity":"Low","sourceLink":"https://access.redhat.com/security/cve/CVE-2018-14612","cweIDs":["CWE-476","CWE-400"],"published":"2018-05-26T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":""}},"alertDict":{"ja":null,"en":null}},"CVE-2018-14613":{"cveID":"CVE-2018-14613","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"kernel","notFixedYet":true,"fixState":"Affected"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2018-14613","title":"Linux Kernel における NULL ポインタデリファレンスに関する脆弱性","summary":"Linux Kernel には、NULL ポインタデリファレンスに関する脆弱性が存在します。","cvss2Score":7.1,"cvss2Vector":"AV:N/AC:M/Au:N/C:N/I:N/A:C","cvss2Severity":"High","cvss3Score":5.5,"cvss3Vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3Severity":"Medium","sourceLink":"https://jvndb.jvn.jp/ja/contents/2018/JVNDB-2018-008360.html","references":[{"source":"CVE","link":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14613","refID":""},{"source":"NVD","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-14613","refID":""},{"source":"","link":"http://cwe.mitre.org/data/definitions/476.html","refID":""}],"published":"2018-10-16T13:37:00+09:00","lastModified":"2018-10-16T13:37:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2018-14613","title":"","summary":"An issue was discovered in the Linux kernel through 4.17.10. There is an invalid pointer dereference in io_ctl_map_page() when mounting and operating a crafted btrfs image, because of a lack of block group item validation in check_leaf_item in fs/btrfs/tree-checker.c.","cvss2Score":7.1,"cvss2Vector":"AV:N/AC:M/Au:N/C:N/I:N/A:C","cvss2Severity":"HIGH","cvss3Score":5.5,"cvss3Vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3Severity":"MEDIUM","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2018-14613","references":[{"source":"","link":"http://www.securityfocus.com/bid/104917","refID":""},{"source":"","link":"https://bugzilla.kernel.org/show_bug.cgi?id=199849","refID":""},{"source":"","link":"https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html","refID":""},{"source":"","link":"https://patchwork.kernel.org/patch/10503147/","refID":""},{"source":"","link":"https://usn.ubuntu.com/3932-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/3932-2/","refID":""},{"source":"","link":"https://usn.ubuntu.com/4094-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/4118-1/","refID":""}],"cweIDs":["CWE-476"],"published":"2018-07-27T04:29:00Z","lastModified":"2019-04-03T01:29:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2018-14613","title":"CVE-2018-14613 kernel: Invalid pointer dereference in io_ctl_map_page() when mounting and operating a crafted btrfs image","summary":"An issue was discovered in the Linux kernel through 4.17.10. There is an invalid pointer dereference in io_ctl_map_page() when mounting and operating a crafted btrfs image, because of a lack of block group item validation in check_leaf_item in fs/btrfs/tree-checker.c.\nAn issue was discovered in the btrfs filesystem code in the Linux kernel. An invalid pointer dereference in io_ctl_map_page() when mounting and operating a crafted btrfs image is due to a lack of block group item validation in check_leaf_item() in fs/btrfs/tree-checker.c function. This could lead to a system crash and a denial of service.","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":4.6,"cvss3Vector":"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3Severity":"Low","sourceLink":"https://access.redhat.com/security/cve/CVE-2018-14613","cweIDs":["CWE-476","CWE-400"],"published":"2018-05-26T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":""}},"alertDict":{"ja":null,"en":null}},"CVE-2018-15919":{"cveID":"CVE-2018-15919","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"openssh","notFixedYet":true,"fixState":"Affected"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2018-15919","title":"OpenSSH における情報漏えいに関する脆弱性","summary":"OpenSSH には、情報漏えいに関する脆弱性が存在します。","cvss2Score":5,"cvss2Vector":"AV:N/AC:L/Au:N/C:P/I:N/A:N","cvss2Severity":"Medium","cvss3Score":5.3,"cvss3Vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","cvss3Severity":"Medium","sourceLink":"https://jvndb.jvn.jp/ja/contents/2018/JVNDB-2018-010019.html","references":[{"source":"CVE","link":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15919","refID":""},{"source":"NVD","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-15919","refID":""},{"source":"","link":"https://jvndb.jvn.jp/ja/cwe/CWE-200.html","refID":""}],"published":"2018-12-04T12:10:00+09:00","lastModified":"2018-12-04T12:10:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2018-15919","title":"","summary":"Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states 'We understand that the OpenSSH developers do not want to treat such a username enumeration (or \"oracle\") as a vulnerability.'","cvss2Score":5,"cvss2Vector":"AV:N/AC:L/Au:N/C:P/I:N/A:N","cvss2Severity":"MEDIUM","cvss3Score":5.3,"cvss3Vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","cvss3Severity":"MEDIUM","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2018-15919","references":[{"source":"","link":"http://seclists.org/oss-sec/2018/q3/180","refID":""},{"source":"","link":"http://www.securityfocus.com/bid/105163","refID":""},{"source":"","link":"https://security.netapp.com/advisory/ntap-20181221-0001/","refID":""}],"cweIDs":["CWE-200"],"published":"2018-08-28T08:29:00Z","lastModified":"2019-03-07T16:29:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2018-15919","title":"CVE-2018-15919 openssh: User enumeration via malformed packets in authentication requests","summary":"Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states 'We understand that the OpenSSH developers do not want to treat such a username enumeration (or \"oracle\") as a vulnerability.'","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":5.3,"cvss3Vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","cvss3Severity":"Low","sourceLink":"https://access.redhat.com/security/cve/CVE-2018-15919","cweIDs":["CWE-200"],"published":"2018-08-28T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":""}},"alertDict":{"ja":null,"en":null}},"CVE-2018-16428":{"cveID":"CVE-2018-16428","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"glib2","notFixedYet":true,"fixState":"Affected"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2018-16428","title":"GNOME GLib における NULL ポインタデリファレンスに関する脆弱性","summary":"GNOME GLib には、NULL ポインタデリファレンスに関する脆弱性が存在します。","cvss2Score":7.5,"cvss2Vector":"AV:N/AC:L/Au:N/C:P/I:P/A:P","cvss2Severity":"High","cvss3Score":9.8,"cvss3Vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3Severity":"Critical","sourceLink":"https://jvndb.jvn.jp/ja/contents/2018/JVNDB-2018-009423.html","references":[{"source":"CVE","link":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16428","refID":""},{"source":"NVD","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-16428","refID":""},{"source":"","link":"http://cwe.mitre.org/data/definitions/476.html","refID":""}],"published":"2018-11-19T17:24:00+09:00","lastModified":"2018-11-19T17:24:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2018-16428","title":"","summary":"In GNOME GLib 2.56.1, g_markup_parse_context_end_parse() in gmarkup.c has a NULL pointer dereference.","cvss2Score":7.5,"cvss2Vector":"AV:N/AC:L/Au:N/C:P/I:P/A:P","cvss2Severity":"HIGH","cvss3Score":9.8,"cvss3Vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3Severity":"CRITICAL","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2018-16428","references":[{"source":"","link":"http://www.securityfocus.com/bid/105210","refID":""},{"source":"","link":"https://gitlab.gnome.org/GNOME/glib/commit/fccef3cc822af74699cca84cd202719ae61ca3b9","refID":""},{"source":"","link":"https://gitlab.gnome.org/GNOME/glib/issues/1364","refID":""},{"source":"","link":"https://lists.debian.org/debian-lts-announce/2019/07/msg00029.html","refID":""},{"source":"","link":"https://usn.ubuntu.com/3767-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/3767-2/","refID":""}],"cweIDs":["CWE-476"],"published":"2018-09-04T00:29:00Z","lastModified":"2019-07-31T21:15:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2018-16428","title":"CVE-2018-16428 glib2: NULL pointer dereference in g_markup_parse_context_end_parse() function in gmarkup.c","summary":"In GNOME GLib 2.56.1, g_markup_parse_context_end_parse() in gmarkup.c has a NULL pointer dereference.","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":5.1,"cvss3Vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3Severity":"Low","sourceLink":"https://access.redhat.com/security/cve/CVE-2018-16428","cweIDs":["CWE-119"],"published":"2018-09-04T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":""}},"alertDict":{"ja":null,"en":null}},"CVE-2018-16429":{"cveID":"CVE-2018-16429","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"glib2","notFixedYet":true,"fixState":"Affected"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2018-16429","title":"GNOME GLib における境界外読み取りに関する脆弱性","summary":"GNOME GLib には、境界外読み取りに関する脆弱性が存在します。","cvss2Score":5,"cvss2Vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","cvss2Severity":"Medium","cvss3Score":7.5,"cvss3Vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3Severity":"High","sourceLink":"https://jvndb.jvn.jp/ja/contents/2018/JVNDB-2018-009424.html","references":[{"source":"CVE","link":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16429","refID":""},{"source":"NVD","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-16429","refID":""},{"source":"","link":"https://cwe.mitre.org/data/definitions/125.html","refID":""}],"published":"2018-11-19T17:24:00+09:00","lastModified":"2018-11-19T17:24:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2018-16429","title":"","summary":"GNOME GLib 2.56.1 has an out-of-bounds read vulnerability in g_markup_parse_context_parse() in gmarkup.c, related to utf8_str().","cvss2Score":5,"cvss2Vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","cvss2Severity":"MEDIUM","cvss3Score":7.5,"cvss3Vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3Severity":"HIGH","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2018-16429","references":[{"source":"","link":"https://gitlab.gnome.org/GNOME/glib/commit/cec71705406f0b2790422f0c1aa0ff3b4b464b1b","refID":""},{"source":"","link":"https://gitlab.gnome.org/GNOME/glib/issues/1361","refID":""},{"source":"","link":"https://lists.debian.org/debian-lts-announce/2019/07/msg00029.html","refID":""},{"source":"","link":"https://usn.ubuntu.com/3767-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/3767-2/","refID":""}],"cweIDs":["CWE-125"],"published":"2018-09-04T00:29:00Z","lastModified":"2019-07-31T21:15:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2018-16429","title":"CVE-2018-16429 glib2: Out-of-bounds read in g_markup_parse_context_parse() in gmarkup.c","summary":"GNOME GLib 2.56.1 has an out-of-bounds read vulnerability in g_markup_parse_context_parse() in gmarkup.c, related to utf8_str().","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":3.6,"cvss3Vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:L","cvss3Severity":"Low","sourceLink":"https://access.redhat.com/security/cve/CVE-2018-16429","cweIDs":["CWE-125"],"published":"2018-09-04T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":""}},"alertDict":{"ja":null,"en":null}},"CVE-2018-18751":{"cveID":"CVE-2018-18751","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"gettext","notFixedYet":true,"fixState":"Affected"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2018-18751","title":"GNU gettext における二重解放に関する脆弱性","summary":"GNU gettext には、二重解放に関する脆弱性が存在します。","cvss2Score":7.5,"cvss2Vector":"AV:N/AC:L/Au:N/C:P/I:P/A:P","cvss2Severity":"High","cvss3Score":9.8,"cvss3Vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3Severity":"Critical","sourceLink":"https://jvndb.jvn.jp/ja/contents/2018/JVNDB-2018-011503.html","references":[{"source":"CVE","link":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18751","refID":""},{"source":"NVD","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-18751","refID":""},{"source":"関連文書","link":"https://github.com/CCCCCrash/POCs/tree/master/Bin/Tools-gettext-0.19.8.1/doublefree","refID":""},{"source":"関連文書","link":"https://github.com/CCCCCrash/POCs/tree/master/Bin/Tools-gettext-0.19.8.1/heapcorruption","refID":""},{"source":"","link":"https://cwe.mitre.org/data/definitions/415.html","refID":""}],"published":"2019-01-15T18:16:00+09:00","lastModified":"2019-01-15T18:16:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2018-18751","title":"","summary":"An issue was discovered in GNU gettext 0.19.8. There is a double free in default_add_message in read-catalog.c, related to an invalid free in po_gram_parse in po-gram-gen.y, as demonstrated by lt-msgfmt.","cvss2Score":7.5,"cvss2Vector":"AV:N/AC:L/Au:N/C:P/I:P/A:P","cvss2Severity":"HIGH","cvss3Score":9.8,"cvss3Vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3Severity":"CRITICAL","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2018-18751","references":[{"source":"","link":"https://github.com/CCCCCrash/POCs/tree/master/Bin/Tools-gettext-0.19.8.1/doublefree","refID":""},{"source":"","link":"https://github.com/CCCCCrash/POCs/tree/master/Bin/Tools-gettext-0.19.8.1/heapcorruption","refID":""},{"source":"","link":"https://usn.ubuntu.com/3815-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/3815-2/","refID":""}],"cweIDs":["CWE-415"],"published":"2018-10-29T12:29:00Z","lastModified":"2018-12-07T19:38:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2018-18751","title":"CVE-2018-18751 gettext: double free in default_add_message in read-catalog.c","summary":"An issue was discovered in GNU gettext 0.19.8. There is a double free in default_add_message in read-catalog.c, related to an invalid free in po_gram_parse in po-gram-gen.y, as demonstrated by lt-msgfmt.","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":4,"cvss3Vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3Severity":"Low","sourceLink":"https://access.redhat.com/security/cve/CVE-2018-18751","cweIDs":["CWE-416"],"published":"2018-10-28T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":""}},"alertDict":{"ja":null,"en":null}},"CVE-2018-19824":{"cveID":"CVE-2018-19824","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"kernel","notFixedYet":true,"fixState":"Affected"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2018-19824","title":"Linux Kernel における解放済みメモリの使用に関する脆弱性","summary":"Linux Kernel には、解放済みメモリの使用に関する脆弱性が存在します。","cvss2Score":4.6,"cvss2Vector":"AV:L/AC:L/Au:N/C:P/I:P/A:P","cvss2Severity":"Medium","cvss3Score":7.8,"cvss3Vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3Severity":"High","sourceLink":"https://jvndb.jvn.jp/ja/contents/2018/JVNDB-2018-014055.html","references":[{"source":"CVE","link":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19824","refID":""},{"source":"NVD","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-19824","refID":""},{"source":"関連文書","link":"https://bugzilla.suse.com/show_bug.cgi?id=1118152","refID":""},{"source":"","link":"https://cwe.mitre.org/data/definitions/416.html","refID":""}],"published":"2019-03-11T16:31:00+09:00","lastModified":"2019-03-11T16:31:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2018-19824","title":"","summary":"In the Linux kernel through 4.19.6, a local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c.","cvss2Score":4.6,"cvss2Vector":"AV:L/AC:L/Au:N/C:P/I:P/A:P","cvss2Severity":"MEDIUM","cvss3Score":7.8,"cvss3Vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3Severity":"HIGH","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2018-19824","references":[{"source":"","link":"http://www.securityfocus.com/bid/106109","refID":""},{"source":"","link":"https://access.redhat.com/errata/RHSA-2019:2703","refID":""},{"source":"","link":"https://bugzilla.suse.com/show_bug.cgi?id=1118152","refID":""},{"source":"","link":"https://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound.git/commit/?id=5f8cf712582617d523120df67d392059eaf2fc4b","refID":""},{"source":"","link":"https://github.com/torvalds/linux/commit/5f8cf712582617d523120df67d392059eaf2fc4b","refID":""},{"source":"","link":"https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html","refID":""},{"source":"","link":"https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html","refID":""},{"source":"","link":"https://lists.debian.org/debian-lts-announce/2019/05/msg00002.html","refID":""},{"source":"","link":"https://support.f5.com/csp/article/K98155950","refID":""},{"source":"","link":"https://usn.ubuntu.com/3879-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/3879-2/","refID":""},{"source":"","link":"https://usn.ubuntu.com/3930-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/3930-2/","refID":""},{"source":"","link":"https://usn.ubuntu.com/3931-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/3931-2/","refID":""},{"source":"","link":"https://usn.ubuntu.com/3933-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/3933-2/","refID":""}],"cweIDs":["CWE-416"],"published":"2018-12-03T17:29:00Z","lastModified":"2019-09-10T22:15:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2018-19824","title":"CVE-2018-19824 kernel: Use-after-free in sound/usb/card.c:usb_audio_probe()","summary":"In the Linux kernel through 4.19.6, a local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c.\nA flaw was found In the Linux kernel, through version 4.19.6, where a local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c. An attacker could corrupt memory and possibly escalate privileges if the attacker is able to have physical access to the system.","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":6.6,"cvss3Vector":"CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3Severity":"Moderate","sourceLink":"https://access.redhat.com/security/cve/CVE-2018-19824","references":[{"source":"","link":"https://www.openwall.com/lists/oss-security/2018/12/03/1","refID":""}],"cweIDs":["CWE-416"],"published":"2018-12-04T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":""}},"alertDict":{"ja":null,"en":null}},"CVE-2018-19985":{"cveID":"CVE-2018-19985","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"kernel","notFixedYet":true,"fixState":"Affected"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2018-19985","title":"Linux Kernel における境界外読み取りに関する脆弱性","summary":"Linux Kernel には、境界外読み取りに関する脆弱性が存在します。","cvss2Score":2.1,"cvss2Vector":"AV:L/AC:L/Au:N/C:P/I:N/A:N","cvss2Severity":"Low","cvss3Score":4.6,"cvss3Vector":"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","cvss3Severity":"Medium","sourceLink":"https://jvndb.jvn.jp/ja/contents/2018/JVNDB-2018-015124.html","references":[{"source":"CVE","link":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19985","refID":""},{"source":"NVD","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-19985","refID":""},{"source":"関連文書","link":"https://packetstormsecurity.com/files/151420/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html","refID":""},{"source":"関連文書","link":"https://seclists.org/bugtraq/2019/Jan/52","refID":""},{"source":"関連文書","link":"https://hexhive.epfl.ch/projects/perifuzz/","refID":""},{"source":"関連文書","link":"https://lists.opensuse.org/opensuse-security-announce/2019-01/msg00023.html","refID":""},{"source":"関連文書","link":"https://lists.opensuse.org/opensuse-security-announce/2019-02/msg00007.html","refID":""},{"source":"","link":"https://cwe.mitre.org/data/definitions/125.html","refID":""}],"published":"2019-04-25T17:30:00+09:00","lastModified":"2019-04-25T17:30:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2018-19985","title":"","summary":"The function hso_get_config_data in drivers/net/usb/hso.c in the Linux kernel through 4.19.8 reads if_num from the USB device (as a u8) and uses it to index a small array, resulting in an object out-of-bounds (OOB) read that potentially allows arbitrary read in the kernel address space.","cvss2Score":2.1,"cvss2Vector":"AV:L/AC:L/Au:N/C:P/I:N/A:N","cvss2Severity":"LOW","cvss3Score":4.6,"cvss3Vector":"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","cvss3Severity":"MEDIUM","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2018-19985","references":[{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2019-01/msg00023.html","refID":""},{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00007.html","refID":""},{"source":"","link":"http://packetstormsecurity.com/files/151420/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html","refID":""},{"source":"","link":"https://hexhive.epfl.ch/projects/perifuzz/","refID":""},{"source":"","link":"https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html","refID":""},{"source":"","link":"https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html","refID":""},{"source":"","link":"https://lists.debian.org/debian-lts-announce/2019/05/msg00002.html","refID":""},{"source":"","link":"https://seclists.org/bugtraq/2019/Jan/52","refID":""},{"source":"","link":"https://security.netapp.com/advisory/ntap-20190404-0002/","refID":""},{"source":"","link":"https://usn.ubuntu.com/4115-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/4118-1/","refID":""}],"cweIDs":["CWE-125"],"published":"2019-03-21T16:00:00Z","lastModified":"2019-09-03T00:15:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2018-19985","title":"CVE-2018-19985 kernel: oob memory read in hso_probe in drivers/net/usb/hso.c","summary":"The function hso_get_config_data in drivers/net/usb/hso.c in the Linux kernel through 4.19.8 reads if_num from the USB device (as a u8) and uses it to index a small array, resulting in an object out-of-bounds (OOB) read that potentially allows arbitrary read in the kernel address space.\nA flaw was found in the Linux kernel in the function hso_probe() which reads if_num value from the USB device (as an u8) and uses it without a length check to index an array, resulting in an OOB memory read in hso_probe() or hso_get_config_data(). An attacker with a forged USB device and physical access to a system (needed to connect such a device) can cause a system crash and a denial of service.","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":4.6,"cvss3Vector":"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3Severity":"Low","sourceLink":"https://access.redhat.com/security/cve/CVE-2018-19985","cweIDs":["CWE-125"],"published":"2018-12-12T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":""}},"alertDict":{"ja":null,"en":null}},"CVE-2018-20169":{"cveID":"CVE-2018-20169","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"kernel","notFixedYet":true,"fixState":"Affected"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2018-20169","title":"Linux Kernel におけるリソースの枯渇に関する脆弱性","summary":"Linux Kernel には、リソースの枯渇に関する脆弱性が存在します。","cvss2Score":7.2,"cvss2Vector":"AV:L/AC:L/Au:N/C:C/I:C/A:C","cvss2Severity":"High","cvss3Score":6.8,"cvss3Vector":"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3Severity":"Medium","sourceLink":"https://jvndb.jvn.jp/ja/contents/2018/JVNDB-2018-014144.html","references":[{"source":"CVE","link":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20169","refID":""},{"source":"NVD","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-20169","refID":""},{"source":"","link":"https://cwe.mitre.org/data/definitions/400.html","refID":""}],"published":"2019-03-13T12:19:00+09:00","lastModified":"2019-03-13T12:19:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2018-20169","title":"","summary":"An issue was discovered in the Linux kernel before 4.19.9. The USB subsystem mishandles size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c.","cvss2Score":7.2,"cvss2Vector":"AV:L/AC:L/Au:N/C:C/I:C/A:C","cvss2Severity":"HIGH","cvss3Score":6.8,"cvss3Vector":"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3Severity":"MEDIUM","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2018-20169","references":[{"source":"","link":"http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=704620afc70cf47abb9d6a1a57f3825d2bca49cf","refID":""},{"source":"","link":"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.9","refID":""},{"source":"","link":"https://github.com/torvalds/linux/commit/704620afc70cf47abb9d6a1a57f3825d2bca49cf","refID":""},{"source":"","link":"https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html","refID":""},{"source":"","link":"https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html","refID":""},{"source":"","link":"https://lists.debian.org/debian-lts-announce/2019/05/msg00002.html","refID":""},{"source":"","link":"https://usn.ubuntu.com/3879-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/3879-2/","refID":""},{"source":"","link":"https://usn.ubuntu.com/4094-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/4118-1/","refID":""}],"cweIDs":["CWE-400"],"published":"2018-12-17T07:29:00Z","lastModified":"2019-08-13T19:15:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2018-20169","title":"CVE-2018-20169 kernel: usb: missing size check in the __usb_get_extra_descriptor() leading to DoS","summary":"An issue was discovered in the Linux kernel before 4.19.9. The USB subsystem mishandles size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c.\nA flaw was discovered in the Linux kernel's USB subsystem in the __usb_get_extra_descriptor() function in the drivers/usb/core/usb.c which mishandles a size check during the reading of an extra descriptor data. By using a specially crafted USB device which sends a forged extra descriptor, an unprivileged user with physical access to the system can potentially cause a privilege escalation or trigger a system crash or lock up and thus to cause a denial of service (DoS).","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":6.4,"cvss3Vector":"CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3Severity":"Moderate","sourceLink":"https://access.redhat.com/security/cve/CVE-2018-20169","cweIDs":["CWE-787"],"published":"2018-12-05T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":""}},"alertDict":{"ja":null,"en":null}},"CVE-2018-20685":{"cveID":"CVE-2018-20685","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"openssh","notFixedYet":true,"fixState":"Affected"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2018-20685","title":"OpenSSH におけるアクセス制御に関する脆弱性","summary":"OpenSSH には、アクセス制御に関する脆弱性が存在します。","cvss2Score":2.6,"cvss2Vector":"AV:N/AC:H/Au:N/C:N/I:P/A:N","cvss2Severity":"Low","cvss3Score":5.3,"cvss3Vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N","cvss3Severity":"Medium","sourceLink":"https://jvndb.jvn.jp/ja/contents/2018/JVNDB-2018-013957.html","references":[{"source":"CVE","link":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20685","refID":""},{"source":"NVD","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-20685","refID":""},{"source":"関連文書","link":"https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt","refID":""},{"source":"関連文書","link":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-20685","refID":""},{"source":"","link":"https://cwe.mitre.org/data/definitions/284.html","refID":""}],"published":"2019-03-07T14:36:00+09:00","lastModified":"2019-03-07T14:36:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2018-20685","title":"","summary":"In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side.","cvss2Score":2.6,"cvss2Vector":"AV:N/AC:H/Au:N/C:N/I:P/A:N","cvss2Severity":"LOW","cvss3Score":5.3,"cvss3Vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N","cvss3Severity":"MEDIUM","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2018-20685","references":[{"source":"","link":"http://www.securityfocus.com/bid/106531","refID":""},{"source":"","link":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-20685","refID":""},{"source":"","link":"https://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/scp.c.diff?r1=1.197\u0026r2=1.198\u0026f=h","refID":""},{"source":"","link":"https://github.com/openssh/openssh-portable/commit/6010c0303a422a9c5fa8860c061bf7105eb7f8b2","refID":""},{"source":"","link":"https://lists.debian.org/debian-lts-announce/2019/03/msg00030.html","refID":""},{"source":"","link":"https://security.gentoo.org/glsa/201903-16","refID":""},{"source":"","link":"https://security.netapp.com/advisory/ntap-20190215-0001/","refID":""},{"source":"","link":"https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt","refID":""},{"source":"","link":"https://usn.ubuntu.com/3885-1/","refID":""},{"source":"","link":"https://www.debian.org/security/2019/dsa-4387","refID":""},{"source":"","link":"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html","refID":""}],"cweIDs":["CWE-706"],"published":"2019-01-10T21:29:00Z","lastModified":"2019-10-03T00:03:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2018-20685","title":"CVE-2018-20685 openssh: scp client improper directory name validation","summary":"In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side.","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":5.3,"cvss3Vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N","cvss3Severity":"Moderate","sourceLink":"https://access.redhat.com/security/cve/CVE-2018-20685","references":[{"source":"","link":"https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt","refID":""}],"cweIDs":["CWE-20"],"published":"2018-11-16T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":"\nThis issue only affects the users of scp binary which is a part of openssh-clients package. Other usage of SSH protocol or other ssh clients is not affected. Administrators can uninstall openssh-clients for additional protection against accidental usage of this binary. Removing the openssh-clients package will make binaries like scp and ssh etc unavailable on that system.\n\nNote: To exploit this flaw, the victim needs to connect to a malicious SSH server or MITM (Man-in-the-middle) the scp connection, both of which can be detected by the system administrator via a change in the host key of the SSH server. Further, if connections via scp are made to only trusted SSH servers, then those use-cases are not vulnerable to this security flaw.\n "}},"alertDict":{"ja":null,"en":null}},"CVE-2018-20852":{"cveID":"CVE-2018-20852","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"python","notFixedYet":true,"fixState":"Affected"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2018-20852","title":"Python における入力確認に関する脆弱性","summary":"Python には、入力確認に関する脆弱性が存在します。","cvss2Score":5,"cvss2Vector":"AV:N/AC:L/Au:N/C:P/I:N/A:N","cvss2Severity":"Medium","cvss3Score":5.3,"cvss3Vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","cvss3Severity":"Medium","sourceLink":"https://jvndb.jvn.jp/ja/contents/2018/JVNDB-2018-015872.html","references":[{"source":"CVE","link":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20852","refID":""},{"source":"NVD","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-20852","refID":""},{"source":"","link":"https://jvndb.jvn.jp/ja/cwe/CWE-20.html","refID":""}],"published":"2019-07-22T17:00:00+09:00","lastModified":"2019-07-22T17:00:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2018-20852","title":"","summary":"http.cookiejar.DefaultPolicy.domain_return_ok in Lib/http/cookiejar.py in Python before 3.7.3 does not correctly validate the domain: it can be tricked into sending existing cookies to the wrong server. An attacker may abuse this flaw by using a server with a hostname that has another valid hostname as a suffix (e.g., pythonicexample.com to steal cookies for example.com). When a program uses http.cookiejar.DefaultPolicy and tries to do an HTTP connection to an attacker-controlled server, existing cookies can be leaked to the attacker. This affects 2.x through 2.7.16, 3.x before 3.4.10, 3.5.x before 3.5.7, 3.6.x before 3.6.9, and 3.7.x before 3.7.3.","cvss2Score":5,"cvss2Vector":"AV:N/AC:L/Au:N/C:P/I:N/A:N","cvss2Severity":"MEDIUM","cvss3Score":5.3,"cvss3Vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","cvss3Severity":"MEDIUM","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2018-20852","references":[{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00071.html","refID":""},{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00074.html","refID":""},{"source":"","link":"https://bugs.python.org/issue35121","refID":""},{"source":"","link":"https://lists.debian.org/debian-lts-announce/2019/08/msg00022.html","refID":""},{"source":"","link":"https://lists.debian.org/debian-lts-announce/2019/08/msg00040.html","refID":""},{"source":"","link":"https://python-security.readthedocs.io/vuln/cookie-domain-check.html","refID":""}],"cweIDs":["CWE-20"],"published":"2019-07-13T21:15:00Z","lastModified":"2019-08-17T21:15:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2018-20852","title":"CVE-2018-20852 python: Cookie domain check returns incorrect results","summary":"http.cookiejar.DefaultPolicy.domain_return_ok in Lib/http/cookiejar.py in Python before 3.7.3 does not correctly validate the domain: it can be tricked into sending existing cookies to the wrong server. An attacker may abuse this flaw by using a server with a hostname that has another valid hostname as a suffix (e.g., pythonicexample.com to steal cookies for example.com). When a program uses http.cookiejar.DefaultPolicy and tries to do an HTTP connection to an attacker-controlled server, existing cookies can be leaked to the attacker. This affects 2.x through 2.7.16, 3.x before 3.4.10, 3.5.x before 3.5.7, 3.6.x before 3.6.9, and 3.7.x before 3.7.3.","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":5.3,"cvss3Vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","cvss3Severity":"Moderate","sourceLink":"https://access.redhat.com/security/cve/CVE-2018-20852","cweIDs":["CWE-20"],"published":"2018-10-31T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":""}},"alertDict":{"ja":null,"en":null}},"CVE-2018-20856":{"cveID":"CVE-2018-20856","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"kernel","notFixedYet":true,"fixState":"Affected"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2018-20856","title":"Linux Kernel における解放済みメモリの使用に関する脆弱性","summary":"Linux Kernel には、解放済みメモリの使用に関する脆弱性が存在します。","cvss2Score":4.6,"cvss2Vector":"AV:L/AC:L/Au:N/C:P/I:P/A:P","cvss2Severity":"Medium","cvss3Score":7.8,"cvss3Vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3Severity":"High","sourceLink":"https://jvndb.jvn.jp/ja/contents/2018/JVNDB-2018-015917.html","references":[{"source":"CVE","link":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20856","refID":""},{"source":"NVD","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-20856","refID":""},{"source":"","link":"https://cwe.mitre.org/data/definitions/416.html","refID":""}],"published":"2019-08-05T11:27:00+09:00","lastModified":"2019-08-05T11:27:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2018-20856","title":"","summary":"An issue was discovered in the Linux kernel before 4.18.7. In block/blk-core.c, there is an __blk_drain_queue() use-after-free because a certain error case is mishandled.","cvss2Score":4.6,"cvss2Vector":"AV:L/AC:L/Au:N/C:P/I:P/A:P","cvss2Severity":"MEDIUM","cvss3Score":7.8,"cvss3Vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3Severity":"HIGH","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2018-20856","references":[{"source":"","link":"http://packetstormsecurity.com/files/154059/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html","refID":""},{"source":"","link":"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.18.7","refID":""},{"source":"","link":"https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=54648cf1ec2d7f4b6a71767799c45676a138ca24","refID":""},{"source":"","link":"https://github.com/torvalds/linux/commit/54648cf1ec2d7f4b6a71767799c45676a138ca24","refID":""},{"source":"","link":"https://lists.debian.org/debian-lts-announce/2019/08/msg00017.html","refID":""},{"source":"","link":"https://seclists.org/bugtraq/2019/Aug/18","refID":""},{"source":"","link":"https://seclists.org/bugtraq/2019/Aug/26","refID":""},{"source":"","link":"https://security.netapp.com/advisory/ntap-20190905-0002/","refID":""},{"source":"","link":"https://usn.ubuntu.com/4094-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/4116-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/4118-1/","refID":""},{"source":"","link":"https://www.debian.org/security/2019/dsa-4497","refID":""}],"cweIDs":["CWE-416"],"published":"2019-07-26T05:15:00Z","lastModified":"2019-08-13T19:15:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2018-20856","title":"CVE-2018-20856 kernel: Use-after-free in __blk_drain_queue() function in block/blk-core.c","summary":"An issue was discovered in the Linux kernel before 4.18.7. In block/blk-core.c, there is an __blk_drain_queue() use-after-free because a certain error case is mishandled.\nA flaw was found in the Linux kernel’s block driver implementation (blk_drain_queue() function) where a use-after-free condition could be triggered while draining the outstanding command queue in the systems block device subsystem. An attacker could use this flaw to crash the system or corrupt local memory, which may lead to privilege escalation.","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":7,"cvss3Vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3Severity":"Important","sourceLink":"https://access.redhat.com/security/cve/CVE-2018-20856","cweIDs":["CWE-119"],"published":"2019-07-26T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":""}},"alertDict":{"ja":null,"en":null}},"CVE-2018-7191":{"cveID":"CVE-2018-7191","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"kernel","notFixedYet":true,"fixState":"Affected"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2018-7191","title":"Linux Kernel における NULL ポインタデリファレンスに関する脆弱性","summary":"Linux Kernel には、NULL ポインタデリファレンスに関する脆弱性が存在します。\n\n本脆弱性は、CVE-2013-4343 と同様の脆弱性です。","cvss2Score":4.9,"cvss2Vector":"AV:L/AC:L/Au:N/C:N/I:N/A:C","cvss2Severity":"Medium","cvss3Score":5.5,"cvss3Vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3Severity":"Medium","sourceLink":"https://jvndb.jvn.jp/ja/contents/2018/JVNDB-2018-015449.html","references":[{"source":"CVE","link":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7191","refID":""},{"source":"NVD","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-7191","refID":""},{"source":"関連文書","link":"https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1748846","refID":""},{"source":"","link":"http://cwe.mitre.org/data/definitions/476.html","refID":""}],"published":"2019-06-05T11:09:00+09:00","lastModified":"2019-06-05T11:09:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2018-7191","title":"","summary":"In the tun subsystem in the Linux kernel before 4.13.14, dev_get_valid_name is not called before register_netdevice. This allows local users to cause a denial of service (NULL pointer dereference and panic) via an ioctl(TUNSETIFF) call with a dev name containing a / character. This is similar to CVE-2013-4343.","cvss2Score":4.9,"cvss2Vector":"AV:L/AC:L/Au:N/C:N/I:N/A:C","cvss2Severity":"MEDIUM","cvss3Score":5.5,"cvss3Vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3Severity":"MEDIUM","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2018-7191","references":[{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00071.html","refID":""},{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00039.html","refID":""},{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00048.html","refID":""},{"source":"","link":"http://www.securityfocus.com/bid/108380","refID":""},{"source":"","link":"https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1743792","refID":""},{"source":"","link":"https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1748846","refID":""},{"source":"","link":"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.14","refID":""},{"source":"","link":"https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0ad646c81b2182f7fa67ec0c8c825e0ee165696d","refID":""},{"source":"","link":"https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5c25f65fd1e42685f7ccd80e0621829c105785d9","refID":""},{"source":"","link":"https://github.com/torvalds/linux/commit/0ad646c81b2182f7fa67ec0c8c825e0ee165696d","refID":""},{"source":"","link":"https://github.com/torvalds/linux/commit/5c25f65fd1e42685f7ccd80e0621829c105785d9","refID":""}],"cweIDs":["CWE-476"],"published":"2019-05-17T05:29:00Z","lastModified":"2019-05-31T12:29:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2018-7191","title":"CVE-2018-7191 kernel: denial of service via ioctl call in network tun handling","summary":"In the tun subsystem in the Linux kernel before 4.13.14, dev_get_valid_name is not called before register_netdevice. This allows local users to cause a denial of service (NULL pointer dereference and panic) via an ioctl(TUNSETIFF) call with a dev name containing a / character. This is similar to CVE-2013-4343.\nA flaw was found in the Linux kernel's implementation of networking tunnel device ioctl. A local attacker can cause a denial of service (NULL pointer dereference and panic) via an ioctl (TUNSETIFF) call with a dev name containing a / character.","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":6.2,"cvss3Vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3Severity":"Moderate","sourceLink":"https://access.redhat.com/security/cve/CVE-2018-7191","cweIDs":["CWE-400","CWE-476"],"published":"2018-01-17T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":""}},"alertDict":{"ja":null,"en":null}},"CVE-2019-10126":{"cveID":"CVE-2019-10126","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"kernel","notFixedYet":true,"fixState":"Affected"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2019-10126","title":"Linux Kernel におけるバッファエラーの脆弱性","summary":"Linux Kernel には、バッファエラーの脆弱性が存在します。","cvss2Score":7.5,"cvss2Vector":"AV:N/AC:L/Au:N/C:P/I:P/A:P","cvss2Severity":"High","cvss3Score":9.8,"cvss3Vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3Severity":"Critical","sourceLink":"https://jvndb.jvn.jp/ja/contents/2019/JVNDB-2019-005503.html","references":[{"source":"CVE","link":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10126","refID":""},{"source":"NVD","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-10126","refID":""},{"source":"関連文書","link":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10126","refID":""},{"source":"","link":"https://jvndb.jvn.jp/ja/cwe/CWE-119.html","refID":""}],"published":"2019-06-21T14:33:00+09:00","lastModified":"2019-06-21T14:33:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2019-10126","title":"","summary":"A flaw was found in the Linux kernel. A heap based buffer overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c might lead to memory corruption and possibly other consequences.","cvss2Score":7.5,"cvss2Vector":"AV:N/AC:L/Au:N/C:P/I:P/A:P","cvss2Severity":"HIGH","cvss3Score":9.8,"cvss3Vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3Severity":"CRITICAL","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2019-10126","references":[{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00014.html","refID":""},{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00025.html","refID":""},{"source":"","link":"http://packetstormsecurity.com/files/153702/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html","refID":""},{"source":"","link":"http://packetstormsecurity.com/files/154245/Kernel-Live-Patch-Security-Notice-LSN-0054-1.html","refID":""},{"source":"","link":"http://www.securityfocus.com/bid/108817","refID":""},{"source":"","link":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10126","refID":""},{"source":"","link":"https://lists.debian.org/debian-lts-announce/2019/06/msg00010.html","refID":""},{"source":"","link":"https://lists.debian.org/debian-lts-announce/2019/06/msg00011.html","refID":""},{"source":"","link":"https://seclists.org/bugtraq/2019/Jul/33","refID":""},{"source":"","link":"https://seclists.org/bugtraq/2019/Jun/26","refID":""},{"source":"","link":"https://security.netapp.com/advisory/ntap-20190710-0002/","refID":""},{"source":"","link":"https://support.f5.com/csp/article/K95593121","refID":""},{"source":"","link":"https://usn.ubuntu.com/4093-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/4094-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/4095-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/4095-2/","refID":""},{"source":"","link":"https://usn.ubuntu.com/4117-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/4118-1/","refID":""},{"source":"","link":"https://www.debian.org/security/2019/dsa-4465","refID":""}],"cweIDs":["CWE-119"],"published":"2019-06-14T14:29:00Z","lastModified":"2019-06-17T23:15:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2019-10126","title":"CVE-2019-10126 kernel: Heap overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c","summary":"A flaw was found in the Linux kernel. A heap based buffer overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c might lead to memory corruption and possibly other consequences.\nA flaw was found in the mwifiex implementation in the Linux kernel. A system connecting to wireless access point could be manipulated by an attacker with advanced permissions on the access point into localized memory corruption or possibly privilege escalation.","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":8,"cvss3Vector":"CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3Severity":"Important","sourceLink":"https://access.redhat.com/security/cve/CVE-2019-10126","cweIDs":["CWE-122"],"published":"2019-05-31T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":""}},"alertDict":{"ja":null,"en":null}},"CVE-2019-10140":{"cveID":"CVE-2019-10140","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"kernel","notFixedYet":true,"fixState":"Affected"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2019-10140","title":"Linux Kernel における NULL ポインタデリファレンスに関する脆弱性","summary":"Linux Kernel には、NULL ポインタデリファレンスに関する脆弱性が存在します。","cvss2Score":4.9,"cvss2Vector":"AV:L/AC:L/Au:N/C:N/I:N/A:C","cvss2Severity":"Medium","cvss3Score":5.5,"cvss3Vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3Severity":"Medium","sourceLink":"https://jvndb.jvn.jp/ja/contents/2019/JVNDB-2019-008465.html","references":[{"source":"CVE","link":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10140","refID":""},{"source":"NVD","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-10140","refID":""},{"source":"","link":"http://cwe.mitre.org/data/definitions/476.html","refID":""}],"published":"2019-09-02T16:32:00+09:00","lastModified":"2019-09-02T16:32:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2019-10140","title":"","summary":"A vulnerability was found in Linux kernel's, versions up to 3.10, implementation of overlayfs. An attacker with local access can create a denial of service situation via NULL pointer dereference in ovl_posix_acl_create function in fs/overlayfs/dir.c. This can allow attackers with ability to create directories on overlayfs to crash the kernel creating a denial of service (DOS).","cvss2Score":4.9,"cvss2Vector":"AV:L/AC:L/Au:N/C:N/I:N/A:C","cvss2Severity":"MEDIUM","cvss3Score":5.5,"cvss3Vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3Severity":"MEDIUM","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2019-10140","references":[{"source":"","link":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10140","refID":""},{"source":"","link":"https://security.netapp.com/advisory/ntap-20190905-0002/","refID":""}],"cweIDs":["CWE-476"],"published":"2019-08-15T17:15:00Z","lastModified":"2019-09-06T00:15:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2019-10140","title":"CVE-2019-10140 kernel: overlayfs: NULL pointer dereference in ovl_posix_acl_create function in fs/overlayfs/dir.c","summary":"A vulnerability was found in Linux kernel's, versions up to 3.10, implementation of overlayfs. An attacker with local access can create a denial of service situation via NULL pointer dereference in ovl_posix_acl_create function in fs/overlayfs/dir.c. This can allow attackers with ability to create directories on overlayfs to crash the kernel creating a denial of service (DOS).\nA vulnerability was found in Linux kernel's implementation of overlayfs. An attacker with local access can create a denial of service situation via NULL pointer dereference in ovl_posix_acl_create function in fs/overlayfs/dir.c. This can allow attackers with ability to create directories on overlayfs to crash the kernel creating a denial of service (DOS).","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":5.5,"cvss3Vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3Severity":"Moderate","sourceLink":"https://access.redhat.com/security/cve/CVE-2019-10140","cweIDs":["CWE-476"],"published":"2019-08-15T03:50:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":"\nSome systems may wish to use device-mapper as an alternative to overlayfs. This does not remove the flaw if overlayfs module is still in use.\n "}},"alertDict":{"ja":null,"en":null}},"CVE-2019-10207":{"cveID":"CVE-2019-10207","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"kernel","notFixedYet":true,"fixState":"Affected"}],"cveContents":{"redhat_api":{"type":"redhat_api","cveID":"CVE-2019-10207","title":"CVE-2019-10207 kernel: null-pointer dereference in hci_uart_set_flow_control","summary":"A flaw was found in the Linux kernel’s Bluetooth implementation of UART. An attacker with local access and write permissions to the Bluetooth hardware could use this flaw to issue a specially crafted ioctl function call and cause the system to crash.","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":4.7,"cvss3Vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3Severity":"Moderate","sourceLink":"https://access.redhat.com/security/cve/CVE-2019-10207","cweIDs":["CWE-476"],"published":"2019-07-29T13:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":""}},"alertDict":{"ja":null,"en":null}},"CVE-2019-10638":{"cveID":"CVE-2019-10638","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"kernel","notFixedYet":true,"fixState":"Affected"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2019-10638","title":"Linux Kernel における情報漏えいに関する脆弱性","summary":"Linux Kernel には、情報漏えいに関する脆弱性が存在します。","cvss2Score":4.3,"cvss2Vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","cvss2Severity":"Medium","cvss3Score":6.5,"cvss3Vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","cvss3Severity":"Medium","sourceLink":"https://jvndb.jvn.jp/ja/contents/2019/JVNDB-2019-006256.html","references":[{"source":"CVE","link":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10638","refID":""},{"source":"NVD","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-10638","refID":""},{"source":"","link":"https://jvndb.jvn.jp/ja/cwe/CWE-200.html","refID":""}],"published":"2019-07-17T10:51:00+09:00","lastModified":"2019-07-17T10:51:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2019-10638","title":"","summary":"In the Linux kernel before 5.1.7, a device can be tracked by an attacker using the IP ID values the kernel produces for connection-less protocols (e.g., UDP and ICMP). When such traffic is sent to multiple destination IP addresses, it is possible to obtain hash collisions (of indices to the counter array) and thereby obtain the hashing key (via enumeration). An attack may be conducted by hosting a crafted web page that uses WebRTC or gQUIC to force UDP traffic to attacker-controlled IP addresses.","cvss2Score":4.3,"cvss2Vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","cvss2Severity":"MEDIUM","cvss3Score":6.5,"cvss3Vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","cvss3Severity":"MEDIUM","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2019-10638","references":[{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00014.html","refID":""},{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00025.html","refID":""},{"source":"","link":"http://www.securityfocus.com/bid/109092","refID":""},{"source":"","link":"https://arxiv.org/pdf/1906.10478.pdf","refID":""},{"source":"","link":"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.8","refID":""},{"source":"","link":"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.1.7","refID":""},{"source":"","link":"https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=355b98553789b646ed97ad801a619ff898471b92","refID":""},{"source":"","link":"https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=df453700e8d81b1bdafdf684365ee2b9431fb702","refID":""},{"source":"","link":"https://github.com/torvalds/linux/commit/355b98553789b646ed97ad801a619ff898471b92","refID":""},{"source":"","link":"https://github.com/torvalds/linux/commit/55f0fc7a02de8f12757f4937143d8d5091b2e40b","refID":""},{"source":"","link":"https://github.com/torvalds/linux/commit/df453700e8d81b1bdafdf684365ee2b9431fb702","refID":""},{"source":"","link":"https://lists.debian.org/debian-lts-announce/2019/08/msg00016.html","refID":""},{"source":"","link":"https://lists.debian.org/debian-lts-announce/2019/08/msg00017.html","refID":""},{"source":"","link":"https://seclists.org/bugtraq/2019/Aug/13","refID":""},{"source":"","link":"https://seclists.org/bugtraq/2019/Aug/18","refID":""},{"source":"","link":"https://security.netapp.com/advisory/ntap-20190806-0001/","refID":""},{"source":"","link":"https://usn.ubuntu.com/4114-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/4115-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/4116-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/4117-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/4118-1/","refID":""},{"source":"","link":"https://www.debian.org/security/2019/dsa-4495","refID":""},{"source":"","link":"https://www.debian.org/security/2019/dsa-4497","refID":""}],"cweIDs":["CWE-200"],"published":"2019-07-05T23:15:00Z","lastModified":"2019-07-19T12:15:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2019-10638","title":"CVE-2019-10638 Kernel: net: weak IP ID generation leads to remote device tracking","summary":"In the Linux kernel before 5.1.7, a device can be tracked by an attacker using the IP ID values the kernel produces for connection-less protocols (e.g., UDP and ICMP). When such traffic is sent to multiple destination IP addresses, it is possible to obtain hash collisions (of indices to the counter array) and thereby obtain the hashing key (via enumeration). An attack may be conducted by hosting a crafted web page that uses WebRTC or gQUIC to force UDP traffic to attacker-controlled IP addresses.\nA flaw was found in the way the Linux kernel derived the IP ID field from a partial kernel space address returned by a net_hash_mix() function. A remote user could observe a weak IP ID generation in this field to track Linux devices.","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":3.7,"cvss3Vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N","cvss3Severity":"Low","sourceLink":"https://access.redhat.com/security/cve/CVE-2019-10638","references":[{"source":"","link":"https://arxiv.org/pdf/1906.10478.pdf","refID":""}],"cweIDs":["CWE-331","CWE-200"],"published":"2019-07-15T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":""}},"alertDict":{"ja":null,"en":null}},"CVE-2019-10639":{"cveID":"CVE-2019-10639","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"kernel","notFixedYet":true,"fixState":"Affected"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2019-10639","title":"Linux Kernel における情報漏えいに関する脆弱性","summary":"Linux Kernel には、情報漏えいに関する脆弱性が存在します。","cvss2Score":5,"cvss2Vector":"AV:N/AC:L/Au:N/C:P/I:N/A:N","cvss2Severity":"Medium","cvss3Score":7.5,"cvss3Vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","cvss3Severity":"High","sourceLink":"https://jvndb.jvn.jp/ja/contents/2019/JVNDB-2019-006439.html","references":[{"source":"CVE","link":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10639","refID":""},{"source":"NVD","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-10639","refID":""},{"source":"","link":"https://jvndb.jvn.jp/ja/cwe/CWE-200.html","refID":""}],"published":"2019-07-19T13:42:00+09:00","lastModified":"2019-07-19T13:42:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2019-10639","title":"","summary":"The Linux kernel 4.x (starting from 4.1) and 5.x before 5.0.8 allows Information Exposure (partial kernel address disclosure), leading to a KASLR bypass. Specifically, it is possible to extract the KASLR kernel image offset using the IP ID values the kernel produces for connection-less protocols (e.g., UDP and ICMP). When such traffic is sent to multiple destination IP addresses, it is possible to obtain hash collisions (of indices to the counter array) and thereby obtain the hashing key (via enumeration). This key contains enough bits from a kernel address (of a static variable) so when the key is extracted (via enumeration), the offset of the kernel image is exposed. This attack can be carried out remotely, by the attacker forcing the target device to send UDP or ICMP (or certain other) traffic to attacker-controlled IP addresses. Forcing a server to send UDP traffic is trivial if the server is a DNS server. ICMP traffic is trivial if the server answers ICMP Echo requests (ping). For client targets, if the target visits the attacker's web page, then WebRTC or gQUIC can be used to force UDP traffic to attacker-controlled IP addresses. NOTE: this attack against KASLR became viable in 4.1 because IP ID generation was changed to have a dependency on an address associated with a network namespace.","cvss2Score":5,"cvss2Vector":"AV:N/AC:L/Au:N/C:P/I:N/A:N","cvss2Severity":"MEDIUM","cvss3Score":7.5,"cvss3Vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","cvss3Severity":"HIGH","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2019-10639","references":[{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00014.html","refID":""},{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00025.html","refID":""},{"source":"","link":"https://arxiv.org/pdf/1906.10478.pdf","refID":""},{"source":"","link":"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.8","refID":""},{"source":"","link":"https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=355b98553789b646ed97ad801a619ff898471b92","refID":""},{"source":"","link":"https://github.com/torvalds/linux/commit/355b98553789b646ed97ad801a619ff898471b92","refID":""},{"source":"","link":"https://lists.debian.org/debian-lts-announce/2019/07/msg00022.html","refID":""},{"source":"","link":"https://lists.debian.org/debian-lts-announce/2019/08/msg00017.html","refID":""},{"source":"","link":"https://seclists.org/bugtraq/2019/Aug/18","refID":""},{"source":"","link":"https://security.netapp.com/advisory/ntap-20190806-0001/","refID":""},{"source":"","link":"https://support.f5.com/csp/article/K32804955","refID":""},{"source":"","link":"https://usn.ubuntu.com/4115-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/4118-1/","refID":""},{"source":"","link":"https://www.debian.org/security/2019/dsa-4497","refID":""}],"cweIDs":["CWE-200"],"published":"2019-07-05T23:15:00Z","lastModified":"2019-07-19T12:15:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2019-10639","title":"CVE-2019-10639 Kernel: net: using kernel space address bits to derive IP ID may potentially break KASLR","summary":"The Linux kernel 4.x (starting from 4.1) and 5.x before 5.0.8 allows Information Exposure (partial kernel address disclosure), leading to a KASLR bypass. Specifically, it is possible to extract the KASLR kernel image offset using the IP ID values the kernel produces for connection-less protocols (e.g., UDP and ICMP). When such traffic is sent to multiple destination IP addresses, it is possible to obtain hash collisions (of indices to the counter array) and thereby obtain the hashing key (via enumeration). This key contains enough bits from a kernel address (of a static variable) so when the key is extracted (via enumeration), the offset of the kernel image is exposed. This attack can be carried out remotely, by the attacker forcing the target device to send UDP or ICMP (or certain other) traffic to attacker-controlled IP addresses. Forcing a server to send UDP traffic is trivial if the server is a DNS server. ICMP traffic is trivial if the server answers ICMP Echo requests (ping). For client targets, if the target visits the attacker's web page, then WebRTC or gQUIC can be used to force UDP traffic to attacker-controlled IP addresses. NOTE: this attack against KASLR became viable in 4.1 because IP ID generation was changed to have a dependency on an address associated with a network namespace.\nA flaw was found in the way the Linux kernel derived the IP ID field from a partial kernel space address returned by a net_hash_mix() function. A remote user could observe this IP ID field to extract the kernel address bits used to derive its value, which may result in leaking the hash key and potentially defeating KASLR.","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":3.7,"cvss3Vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N","cvss3Severity":"Low","sourceLink":"https://access.redhat.com/security/cve/CVE-2019-10639","references":[{"source":"","link":"https://arxiv.org/pdf/1906.10478.pdf","refID":""}],"cweIDs":["CWE-200"],"published":"2019-07-15T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":""}},"alertDict":{"ja":null,"en":null}},"CVE-2019-11190":{"cveID":"CVE-2019-11190","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"kernel","notFixedYet":true,"fixState":"Affected"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2019-11190","title":"Linux Kernel における競合状態に関する脆弱性","summary":"Linux Kernel には、競合状態に関する脆弱性が存在します。","cvss2Score":4.7,"cvss2Vector":"AV:L/AC:M/Au:N/C:C/I:N/A:N","cvss2Severity":"Medium","cvss3Score":4.7,"cvss3Vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N","cvss3Severity":"Medium","sourceLink":"https://jvndb.jvn.jp/ja/contents/2019/JVNDB-2019-003462.html","references":[{"source":"CVE","link":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11190","refID":""},{"source":"NVD","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-11190","refID":""},{"source":"","link":"https://jvndb.jvn.jp/ja/cwe/CWE-362.html","refID":""}],"published":"2019-05-17T14:52:00+09:00","lastModified":"2019-05-17T14:52:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2019-11190","title":"","summary":"The Linux kernel before 4.8 allows local users to bypass ASLR on setuid programs (such as /bin/su) because install_exec_creds() is called too late in load_elf_binary() in fs/binfmt_elf.c, and thus the ptrace_may_access() check has a race condition when reading /proc/pid/stat.","cvss2Score":4.7,"cvss2Vector":"AV:L/AC:M/Au:N/C:C/I:N/A:N","cvss2Severity":"MEDIUM","cvss3Score":4.7,"cvss3Vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N","cvss3Severity":"MEDIUM","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2019-11190","references":[{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00039.html","refID":""},{"source":"","link":"http://www.openwall.com/lists/oss-security/2019/04/15/1","refID":""},{"source":"","link":"http://www.securityfocus.com/bid/107890","refID":""},{"source":"","link":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/commit/?id=a5b5352558f6808db0589644ea5401b3e3148a0d","refID":""},{"source":"","link":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/commit/?id=e1676b55d874a43646e8b2c46d87f2f3e45516ff","refID":""},{"source":"","link":"https://lists.debian.org/debian-lts-announce/2019/05/msg00041.html","refID":""},{"source":"","link":"https://lists.debian.org/debian-lts-announce/2019/05/msg00042.html","refID":""},{"source":"","link":"https://usn.ubuntu.com/4008-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/4008-2/","refID":""},{"source":"","link":"https://usn.ubuntu.com/4008-3/","refID":""},{"source":"","link":"https://www.openwall.com/lists/oss-security/2019/04/03/4","refID":""},{"source":"","link":"https://www.openwall.com/lists/oss-security/2019/04/03/4/1","refID":""}],"cweIDs":["CWE-362"],"published":"2019-04-12T00:29:00Z","lastModified":"2019-06-07T07:29:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2019-11190","title":"CVE-2019-11190 kernel: ASLR bypass for setuid binaries due to late install_exec_creds()","summary":"The Linux kernel before 4.8 allows local users to bypass ASLR on setuid programs (such as /bin/su) because install_exec_creds() is called too late in load_elf_binary() in fs/binfmt_elf.c, and thus the ptrace_may_access() check has a race condition when reading /proc/pid/stat.\nA flaw in the load_elf_binary() function in the Linux kernel allows a local attacker to leak the base address of .text and stack sections for setuid binaries and bypass ASLR because install_exec_creds() is called too late in this function.","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":3.3,"cvss3Vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","cvss3Severity":"Low","sourceLink":"https://access.redhat.com/security/cve/CVE-2019-11190","cweIDs":["CWE-250"],"published":"2019-04-03T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":""}},"alertDict":{"ja":null,"en":null}},"CVE-2019-1125":{"cveID":"CVE-2019-1125","confidences":[{"score":100,"detectionMethod":"OvalMatch"}],"affectedPackages":[{"name":"kernel","notFixedYet":false,"fixState":""},{"name":"kernel-tools","notFixedYet":false,"fixState":""},{"name":"kernel-tools-libs","notFixedYet":false,"fixState":""},{"name":"python-perf","notFixedYet":false,"fixState":""}],"distroAdvisories":[{"advisoryID":"RHSA-2019:2600","severity":"Important","issued":"2019-09-04T00:00:00Z","updated":"2019-09-03T00:00:00Z","description":"The kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* kernel: hw: Spectre SWAPGS gadget vulnerability (CVE-2019-1125)\n\n* kernel: brcmfmac heap buffer overflow in brcmf_wowl_nd_results (CVE-2019-9500)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* [mlx4] VXLAN over VLAN TCP segmentation (BZ#1734333)\n\n* Race condition in /dev/sg due to missing synchronization causes corruption in RHV (BZ#1737380)\n\n* panic handing smb2_reconnect due to a use after free (BZ#1737382)\n\n* NFSv4.1 client stuck in infinite loop when received NFS4ERR_SEQ_MISORDERED error (BZ#1739077)\n\n* Backport TCP follow-up for small buffers (BZ#1739130)"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2019-1125","title":"複数の Microsoft Windows 製品における情報を公開される脆弱性","summary":"複数の Microsoft Windows 製品には、特定の中央処理装置 (CPU) が投機的にメモリにアクセスする場合、情報を公開される脆弱性が存在します。\n\nベンダは、本脆弱性を「Windows カーネルの情報漏えいの脆弱性」として公開しています。\n\n本脆弱性は、CVE-2019-1071 および CVE-2019-1073 とは異なる脆弱性です。","cvss2Score":2.1,"cvss2Vector":"AV:L/AC:L/Au:N/C:P/I:N/A:N","cvss2Severity":"Low","cvss3Score":5.5,"cvss3Vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","cvss3Severity":"Medium","sourceLink":"https://jvndb.jvn.jp/ja/contents/2019/JVNDB-2019-008776.html","references":[{"source":"CVE","link":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1125","refID":""},{"source":"NVD","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-1125","refID":""},{"source":"","link":"https://jvndb.jvn.jp/ja/cwe/CWE-200.html","refID":""}],"published":"2019-09-05T18:19:00+09:00","lastModified":"2019-09-05T18:19:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2019-1125","title":"","summary":"An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1071, CVE-2019-1073.","cvss2Score":2.1,"cvss2Vector":"AV:L/AC:L/Au:N/C:P/I:N/A:N","cvss2Severity":"LOW","cvss3Score":5.5,"cvss3Vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","cvss3Severity":"MEDIUM","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2019-1125","references":[{"source":"","link":"https://access.redhat.com/errata/RHBA-2019:2824","refID":""},{"source":"","link":"https://access.redhat.com/errata/RHSA-2019:2600","refID":""},{"source":"","link":"https://access.redhat.com/errata/RHSA-2019:2609","refID":""},{"source":"","link":"https://access.redhat.com/errata/RHSA-2019:2695","refID":""},{"source":"","link":"https://access.redhat.com/errata/RHSA-2019:2696","refID":""},{"source":"","link":"https://access.redhat.com/errata/RHSA-2019:2730","refID":""},{"source":"","link":"https://access.redhat.com/errata/RHSA-2019:2899","refID":""},{"source":"","link":"https://access.redhat.com/errata/RHSA-2019:2900","refID":""},{"source":"","link":"https://access.redhat.com/errata/RHSA-2019:2975","refID":""},{"source":"","link":"https://access.redhat.com/errata/RHSA-2019:3011","refID":""},{"source":"","link":"https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10297","refID":""},{"source":"","link":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1125","refID":""}],"cweIDs":["CWE-200"],"published":"2019-09-03T18:15:00Z","lastModified":"2019-09-10T13:15:00Z","mitigation":""},"redhat":{"type":"redhat","cveID":"CVE-2019-1125","title":"RHSA-2019:2600: kernel security and bug fix update (Important)","summary":"The kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* kernel: hw: Spectre SWAPGS gadget vulnerability (CVE-2019-1125)\n\n* kernel: brcmfmac heap buffer overflow in brcmf_wowl_nd_results (CVE-2019-9500)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* [mlx4] VXLAN over VLAN TCP segmentation (BZ#1734333)\n\n* Race condition in /dev/sg due to missing synchronization causes corruption in RHV (BZ#1737380)\n\n* panic handing smb2_reconnect due to a use after free (BZ#1737382)\n\n* NFSv4.1 client stuck in infinite loop when received NFS4ERR_SEQ_MISORDERED error (BZ#1739077)\n\n* Backport TCP follow-up for small buffers (BZ#1739130)","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"moderate","cvss3Score":5.9,"cvss3Vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N","cvss3Severity":"","sourceLink":"https://access.redhat.com/security/cve/CVE-2019-1125","references":[{"source":"RHSA","link":"https://access.redhat.com/errata/RHSA-2019:2600","refID":"RHSA-2019:2600"},{"source":"CVE","link":"https://access.redhat.com/security/cve/CVE-2019-1125","refID":"CVE-2019-1125"},{"source":"CVE","link":"https://access.redhat.com/security/cve/CVE-2019-9500","refID":"CVE-2019-9500"}],"cweIDs":["CWE-385","CWE-200"],"published":"2019-09-04T00:00:00Z","lastModified":"2019-09-03T00:00:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2019-1125","title":"CVE-2019-1125 kernel: hw: Spectre SWAPGS gadget vulnerability","summary":"An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1071, CVE-2019-1073.\nA Spectre gadget was found in the Linux kernel's implementation of system interrupts. An attacker with local access could use this information to reveal private data through a Spectre like side channel.","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":5.9,"cvss3Vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N","cvss3Severity":"Moderate","sourceLink":"https://access.redhat.com/security/cve/CVE-2019-1125","cweIDs":["CWE-385","CWE-200"],"published":"2019-08-06T17:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":"\nFor mitigation related information, please refer to the Red Hat Knowledgebase article: https://access.redhat.com/articles/4329821\n "}},"alertDict":{"ja":null,"en":null}},"CVE-2019-11487":{"cveID":"CVE-2019-11487","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"kernel","notFixedYet":true,"fixState":"Affected"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2019-11487","title":"Linux Kernel における解放済みメモリの使用に関する脆弱性","summary":"Linux Kernel には、解放済みメモリの使用に関する脆弱性が存在します。","cvss2Score":7.2,"cvss2Vector":"AV:L/AC:L/Au:N/C:C/I:C/A:C","cvss2Severity":"High","cvss3Score":7.8,"cvss3Vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3Severity":"High","sourceLink":"https://jvndb.jvn.jp/ja/contents/2019/JVNDB-2019-004327.html","references":[{"source":"CVE","link":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11487","refID":""},{"source":"NVD","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-11487","refID":""},{"source":"","link":"https://cwe.mitre.org/data/definitions/416.html","refID":""}],"published":"2019-05-30T16:52:00+09:00","lastModified":"2019-05-30T16:52:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2019-11487","title":"","summary":"The Linux kernel before 5.1-rc5 allows page-\u003e_refcount reference count overflow, with resultant use-after-free issues, if about 140 GiB of RAM exists. This is related to fs/fuse/dev.c, fs/pipe.c, fs/splice.c, include/linux/mm.h, include/linux/pipe_fs_i.h, kernel/trace/trace.c, mm/gup.c, and mm/hugetlb.c. It can occur with FUSE requests.","cvss2Score":7.2,"cvss2Vector":"AV:L/AC:L/Au:N/C:C/I:C/A:C","cvss2Severity":"HIGH","cvss3Score":7.8,"cvss3Vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3Severity":"HIGH","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2019-11487","references":[{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00039.html","refID":""},{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00040.html","refID":""},{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00048.html","refID":""},{"source":"","link":"http://www.openwall.com/lists/oss-security/2019/04/29/1","refID":""},{"source":"","link":"http://www.securityfocus.com/bid/108054","refID":""},{"source":"","link":"https://bugs.chromium.org/p/project-zero/issues/detail?id=1752","refID":""},{"source":"","link":"https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=15fab63e1e57be9fdb5eec1bbc5916e9825e9acb","refID":""},{"source":"","link":"https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6b3a707736301c2128ca85ce85fb13f60b5e350a","refID":""},{"source":"","link":"https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=88b1a17dfc3ed7728316478fae0f5ad508f50397","refID":""},{"source":"","link":"https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8fde12ca79aff9b5ba951fce1a2641901b8d8e64","refID":""},{"source":"","link":"https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f958d7b528b1b40c44cfda5eabe2d82760d868c3","refID":""},{"source":"","link":"https://github.com/torvalds/linux/commit/15fab63e1e57be9fdb5eec1bbc5916e9825e9acb","refID":""},{"source":"","link":"https://github.com/torvalds/linux/commit/6b3a707736301c2128ca85ce85fb13f60b5e350a","refID":""},{"source":"","link":"https://github.com/torvalds/linux/commit/88b1a17dfc3ed7728316478fae0f5ad508f50397","refID":""},{"source":"","link":"https://github.com/torvalds/linux/commit/8fde12ca79aff9b5ba951fce1a2641901b8d8e64","refID":""},{"source":"","link":"https://github.com/torvalds/linux/commit/f958d7b528b1b40c44cfda5eabe2d82760d868c3","refID":""},{"source":"","link":"https://lwn.net/Articles/786044/","refID":""},{"source":"","link":"https://security.netapp.com/advisory/ntap-20190517-0005/","refID":""},{"source":"","link":"https://support.f5.com/csp/article/K14255532","refID":""},{"source":"","link":"https://usn.ubuntu.com/4069-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/4069-2/","refID":""},{"source":"","link":"https://usn.ubuntu.com/4115-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/4118-1/","refID":""}],"cweIDs":["CWE-416"],"published":"2019-04-23T22:29:00Z","lastModified":"2019-05-17T10:29:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2019-11487","title":"CVE-2019-11487 kernel: Count overflow in FUSE request leading to use-after-free issues.","summary":"The Linux kernel before 5.1-rc5 allows page-\u003e_refcount reference count overflow, with resultant use-after-free issues, if about 140 GiB of RAM exists. This is related to fs/fuse/dev.c, fs/pipe.c, fs/splice.c, include/linux/mm.h, include/linux/pipe_fs_i.h, kernel/trace/trace.c, mm/gup.c, and mm/hugetlb.c. It can occur with FUSE requests.","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":7.8,"cvss3Vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H","cvss3Severity":"Important","sourceLink":"https://access.redhat.com/security/cve/CVE-2019-11487","cweIDs":["CWE-416"],"published":"2019-04-22T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":""}},"alertDict":{"ja":null,"en":null}},"CVE-2019-11884":{"cveID":"CVE-2019-11884","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"kernel","notFixedYet":true,"fixState":"Affected"}],"cveContents":{"nvd":{"type":"nvd","cveID":"CVE-2019-11884","title":"","summary":"The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the Linux kernel before 5.0.15 allows a local user to obtain potentially sensitive information from kernel stack memory via a HIDPCONNADD command, because a name field may not end with a '\\0' character.","cvss2Score":2.1,"cvss2Vector":"AV:L/AC:L/Au:N/C:P/I:N/A:N","cvss2Severity":"LOW","cvss3Score":3.3,"cvss3Vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","cvss3Severity":"LOW","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2019-11884","references":[{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00037.html","refID":""},{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00043.html","refID":""},{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00071.html","refID":""},{"source":"","link":"http://www.securityfocus.com/bid/108299","refID":""},{"source":"","link":"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.15","refID":""},{"source":"","link":"https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a1616a5ac99ede5d605047a9012481ce7ff18b16","refID":""},{"source":"","link":"https://github.com/torvalds/linux/commit/a1616a5ac99ede5d605047a9012481ce7ff18b16","refID":""},{"source":"","link":"https://lists.debian.org/debian-lts-announce/2019/06/msg00010.html","refID":""},{"source":"","link":"https://lists.debian.org/debian-lts-announce/2019/06/msg00011.html","refID":""},{"source":"","link":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KPWHQHNM2MSGO3FDJVIQXQNKYVR7TV45/","refID":""},{"source":"","link":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LAYXGGJUUYPOMCBZGGDCUZFLUU3JOZG5/","refID":""},{"source":"","link":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PF2PDXUGOFEOTPVEACKFIHQB6O4XUIZD/","refID":""},{"source":"","link":"https://seclists.org/bugtraq/2019/Jun/26","refID":""},{"source":"","link":"https://usn.ubuntu.com/4068-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/4068-2/","refID":""},{"source":"","link":"https://usn.ubuntu.com/4069-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/4069-2/","refID":""},{"source":"","link":"https://usn.ubuntu.com/4076-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/4118-1/","refID":""},{"source":"","link":"https://www.debian.org/security/2019/dsa-4465","refID":""}],"cweIDs":["CWE-77"],"published":"2019-05-10T22:29:00Z","lastModified":"2019-05-31T12:29:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2019-11884","title":"CVE-2019-11884 kernel: sensitive information disclosure from kernel stack memory via HIDPCONNADD command","summary":"The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the Linux kernel before 5.0.15 allows a local user to obtain potentially sensitive information from kernel stack memory via a HIDPCONNADD command, because a name field may not end with a '\\0' character.\nA flaw was found in the Linux kernel's implementation of the Bluetooth Human Interface Device Protocol (HIDP). A local attacker with access permissions to the Bluetooth device can issue an IOCTL which will trigger the do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c.c. This function can leak potentially sensitive information from the kernel stack memory via a HIDPCONNADD command because a name field may not be correctly NULL terminated.","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":6.8,"cvss3Vector":"CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L","cvss3Severity":"Moderate","sourceLink":"https://access.redhat.com/security/cve/CVE-2019-11884","cweIDs":["CWE-200"],"published":"2019-05-10T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":""}},"alertDict":{"ja":null,"en":null}},"CVE-2019-12378":{"cveID":"CVE-2019-12378","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"kernel","notFixedYet":true,"fixState":"Affected"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2019-12378","title":"Linux Kernel における NULL ポインタデリファレンスに関する脆弱性","summary":"** 未確定 ** 本件は、脆弱性として確定していません。\n\nLinux Kernel には、NULL ポインタデリファレンスに関する脆弱性が存在します。\n\nベンダは、本脆弱性に対して異議を唱えています。\n詳細については、以下の NVD の Current Description を確認してください。\nhttps://nvd.nist.gov/vuln/detail/CVE-2019-12378","cvss2Score":4.9,"cvss2Vector":"AV:L/AC:L/Au:N/C:N/I:N/A:C","cvss2Severity":"Medium","cvss3Score":5.5,"cvss3Vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3Severity":"Medium","sourceLink":"https://jvndb.jvn.jp/ja/contents/2019/JVNDB-2019-004945.html","references":[{"source":"CVE","link":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12378","refID":""},{"source":"NVD","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-12378","refID":""},{"source":"","link":"http://cwe.mitre.org/data/definitions/476.html","refID":""}],"published":"2019-06-12T16:28:00+09:00","lastModified":"2019-06-12T16:28:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2019-12378","title":"","summary":"** DISPUTED ** An issue was discovered in ip6_ra_control in net/ipv6/ipv6_sockglue.c in the Linux kernel through 5.1.5. There is an unchecked kmalloc of new_ra, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). NOTE: This has been disputed as not an issue.","cvss2Score":4.9,"cvss2Vector":"AV:L/AC:L/Au:N/C:N/I:N/A:C","cvss2Severity":"MEDIUM","cvss3Score":5.5,"cvss3Vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3Severity":"MEDIUM","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2019-12378","references":[{"source":"","link":"http://www.securityfocus.com/bid/108475","refID":""},{"source":"","link":"https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=95baa60a0da80a0143e3ddd4d3725758b4513825","refID":""},{"source":"","link":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J36BIJTKEPUOZKJNHQBUZA47RQONUKOI/","refID":""},{"source":"","link":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KLGWJKLMTBBB53D5QLS4HOY2EH246WBE/","refID":""},{"source":"","link":"https://lkml.org/lkml/2019/5/25/229","refID":""}],"cweIDs":["CWE-476"],"published":"2019-05-28T03:29:00Z","lastModified":"2019-06-10T03:29:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2019-12378","title":"CVE-2019-12378 kernel: unchecked kmalloc of new_ra in ip6_ra_control leads to denial of service","summary":"** DISPUTED ** An issue was discovered in ip6_ra_control in net/ipv6/ipv6_sockglue.c in the Linux kernel through 5.1.5. There is an unchecked kmalloc of new_ra, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). NOTE: This has been disputed as not an issue.\nA flaw was discovered in the Linux kernel's implementation of IPv6 router advertisement handling. Under low-memory-free conditions a kmalloc request may fail leaving the system to crash shortly after with a null pointer dereference. The attacker must be able to send IPv6 RA packets to this host, most routers will not forward these packets requiring the attacker to be on the local network.","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":5.7,"cvss3Vector":"CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3Severity":"Moderate","sourceLink":"https://access.redhat.com/security/cve/CVE-2019-12378","cweIDs":["CWE-476"],"published":"2019-05-25T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":""}},"alertDict":{"ja":null,"en":null}},"CVE-2019-12380":{"cveID":"CVE-2019-12380","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"kernel","notFixedYet":true,"fixState":"Affected"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2019-12380","title":"Linux Kernel におけるエラー処理に関する脆弱性","summary":"Linux Kernel には、エラー処理に関する脆弱性が存在します。","cvss2Score":2.1,"cvss2Vector":"AV:L/AC:L/Au:N/C:N/I:N/A:P","cvss2Severity":"Low","cvss3Score":5.5,"cvss3Vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3Severity":"Medium","sourceLink":"https://jvndb.jvn.jp/ja/contents/2019/JVNDB-2019-004884.html","references":[{"source":"CVE","link":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12380","refID":""},{"source":"NVD","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-12380","refID":""},{"source":"","link":"https://cwe.mitre.org/data/definitions/388.html","refID":""}],"published":"2019-06-11T15:17:00+09:00","lastModified":"2019-06-11T15:17:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2019-12380","title":"","summary":"**DISPUTED** An issue was discovered in the efi subsystem in the Linux kernel through 5.1.5. phys_efi_set_virtual_address_map in arch/x86/platform/efi/efi.c and efi_call_phys_prolog in arch/x86/platform/efi/efi_64.c mishandle memory allocation failures. NOTE: This id is disputed as not being an issue because ?All the code touched by the referenced commit runs only at boot, before any user processes are started. Therefore, there is no possibility for an unprivileged user to control it.?.","cvss2Score":2.1,"cvss2Vector":"AV:L/AC:L/Au:N/C:N/I:N/A:P","cvss2Severity":"LOW","cvss3Score":5.5,"cvss3Vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3Severity":"MEDIUM","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2019-12380","references":[{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00039.html","refID":""},{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00040.html","refID":""},{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00048.html","refID":""},{"source":"","link":"http://www.securityfocus.com/bid/108477","refID":""},{"source":"","link":"https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=4e78921ba4dd0aca1cc89168f45039add4183f8e","refID":""},{"source":"","link":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J36BIJTKEPUOZKJNHQBUZA47RQONUKOI/","refID":""},{"source":"","link":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KLGWJKLMTBBB53D5QLS4HOY2EH246WBE/","refID":""},{"source":"","link":"https://security.netapp.com/advisory/ntap-20190710-0002/","refID":""}],"cweIDs":["CWE-388"],"published":"2019-05-28T03:29:00Z","lastModified":"2019-10-10T12:09:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2019-12380","title":"CVE-2019-12380 kernel: memory allocation failure in the efi subsystem leads to denial of service","summary":"**DISPUTED** An issue was discovered in the efi subsystem in the Linux kernel through 5.1.5. phys_efi_set_virtual_address_map in arch/x86/platform/efi/efi.c and efi_call_phys_prolog in arch/x86/platform/efi/efi_64.c mishandle memory allocation failures. NOTE: This id is disputed as not being an issue because “All the code touched by the referenced commit runs only at boot, before any user processes are started. Therefore, there is no possibility for an unprivileged user to control it.”.\nA flaw was found in the Linux kernel's implementation of UEFI. An attacker who can influence early-boot memory initialization could possibly influence firmware initialization and memory allocations, resulting in a panic of a guest or target system during early boot of that same system.","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":6.2,"cvss3Vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3Severity":"Low","sourceLink":"https://access.redhat.com/security/cve/CVE-2019-12380","cweIDs":["CWE-252"],"published":"2019-05-25T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":""}},"alertDict":{"ja":null,"en":null}},"CVE-2019-12381":{"cveID":"CVE-2019-12381","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"kernel","notFixedYet":true,"fixState":"Affected"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2019-12381","title":"Linux Kernel における NULL ポインタデリファレンスに関する脆弱性","summary":"Linux Kernel には、NULL ポインタデリファレンスに関する脆弱性が存在します。","cvss2Score":4.9,"cvss2Vector":"AV:L/AC:L/Au:N/C:N/I:N/A:C","cvss2Severity":"Medium","cvss3Score":5.5,"cvss3Vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3Severity":"Medium","sourceLink":"https://jvndb.jvn.jp/ja/contents/2019/JVNDB-2019-004885.html","references":[{"source":"CVE","link":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12381","refID":""},{"source":"NVD","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-12381","refID":""},{"source":"","link":"http://cwe.mitre.org/data/definitions/476.html","refID":""}],"published":"2019-06-11T15:17:00+09:00","lastModified":"2019-06-11T15:17:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2019-12381","title":"","summary":"** DISPUTED ** An issue was discovered in ip_ra_control in net/ipv4/ip_sockglue.c in the Linux kernel through 5.1.5. There is an unchecked kmalloc of new_ra, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). NOTE: this is disputed because new_ra is never used if it is NULL.","cvss2Score":4.9,"cvss2Vector":"AV:L/AC:L/Au:N/C:N/I:N/A:C","cvss2Severity":"MEDIUM","cvss3Score":5.5,"cvss3Vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3Severity":"MEDIUM","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2019-12381","references":[{"source":"","link":"http://www.securityfocus.com/bid/108473","refID":""},{"source":"","link":"https://bugzilla.redhat.com/show_bug.cgi?id=1715501","refID":""},{"source":"","link":"https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=425aa0e1d01513437668fa3d4a971168bbaa8515","refID":""},{"source":"","link":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J36BIJTKEPUOZKJNHQBUZA47RQONUKOI/","refID":""},{"source":"","link":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KLGWJKLMTBBB53D5QLS4HOY2EH246WBE/","refID":""},{"source":"","link":"https://lkml.org/lkml/2019/5/25/230","refID":""}],"cweIDs":["CWE-476"],"published":"2019-05-28T03:29:00Z","lastModified":"2019-06-20T11:15:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2019-12381","title":"CVE-2019-12381 kernel: unchecked kmalloc of new_ra in ip_ra_control leads to denial of service","summary":"** DISPUTED ** An issue was discovered in ip_ra_control in net/ipv4/ip_sockglue.c in the Linux kernel through 5.1.5. There is an unchecked kmalloc of new_ra, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). NOTE: this is disputed because new_ra is never used if it is NULL.\nA flaw was discovered in the Linux kernel that allows an attacker to crash a system under low-memory free conditions in the ipv4 router advertisement code. The attacker must be able to send 'router advertisements' which limits the attack vector to be on the same physical segment.","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":5.5,"cvss3Vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3Severity":"Moderate","sourceLink":"https://access.redhat.com/security/cve/CVE-2019-12381","cweIDs":["CWE-476"],"published":"2019-05-25T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":""}},"alertDict":{"ja":null,"en":null}},"CVE-2019-12382":{"cveID":"CVE-2019-12382","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"kernel","notFixedYet":true,"fixState":"Affected"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2019-12382","title":"Linux Kernel における NULL ポインタデリファレンスに関する脆弱性","summary":"Linux Kernel には、NULL ポインタデリファレンスに関する脆弱性が存在します。","cvss2Score":4.9,"cvss2Vector":"AV:L/AC:L/Au:N/C:N/I:N/A:C","cvss2Severity":"Medium","cvss3Score":5.5,"cvss3Vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3Severity":"Medium","sourceLink":"https://jvndb.jvn.jp/ja/contents/2019/JVNDB-2019-004886.html","references":[{"source":"CVE","link":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12382","refID":""},{"source":"NVD","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-12382","refID":""},{"source":"","link":"http://cwe.mitre.org/data/definitions/476.html","refID":""}],"published":"2019-06-11T15:17:00+09:00","lastModified":"2019-06-11T15:17:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2019-12382","title":"","summary":"** DISPUTED ** An issue was discovered in drm_load_edid_firmware in drivers/gpu/drm/drm_edid_load.c in the Linux kernel through 5.1.5. There is an unchecked kstrdup of fwstr, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). NOTE: The vendor disputes this issues as not being a vulnerability because kstrdup() returning NULL is handled sufficiently and there is no chance for a NULL pointer dereference.","cvss2Score":4.9,"cvss2Vector":"AV:L/AC:L/Au:N/C:N/I:N/A:C","cvss2Severity":"MEDIUM","cvss3Score":5.5,"cvss3Vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3Severity":"MEDIUM","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2019-12382","references":[{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00039.html","refID":""},{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00040.html","refID":""},{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00048.html","refID":""},{"source":"","link":"http://www.securityfocus.com/bid/108474","refID":""},{"source":"","link":"https://cgit.freedesktop.org/drm/drm-misc/commit/?id=9f1f1a2dab38d4ce87a13565cf4dc1b73bef3a5f","refID":""},{"source":"","link":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J36BIJTKEPUOZKJNHQBUZA47RQONUKOI/","refID":""},{"source":"","link":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KLGWJKLMTBBB53D5QLS4HOY2EH246WBE/","refID":""},{"source":"","link":"https://lkml.org/lkml/2019/5/24/843","refID":""},{"source":"","link":"https://lore.kernel.org/lkml/87o93u7d3s.fsf@intel.com/","refID":""},{"source":"","link":"https://salsa.debian.org/kernel-team/kernel-sec/blob/master/retired/CVE-2019-12382","refID":""}],"cweIDs":["CWE-476"],"published":"2019-05-28T03:29:00Z","lastModified":"2019-06-19T19:15:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2019-12382","title":"CVE-2019-12382 kernel: unchecked kstrdup of fwstr in drm_load_edid_firmware leads to denial of service","summary":"** DISPUTED ** An issue was discovered in drm_load_edid_firmware in drivers/gpu/drm/drm_edid_load.c in the Linux kernel through 5.1.5. There is an unchecked kstrdup of fwstr, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). NOTE: The vendor disputes this issues as not being a vulnerability because kstrdup() returning NULL is handled sufficiently and there is no chance for a NULL pointer dereference.\nA flaw was found in the Linux kernel’s implementation of Extended Display Identification Data (EDID) technology. A firmware identifier string is duplicated with the kstrdup function, and the allocation may fail under very low memory conditions. An attacker could abuse this flaw by causing a Denial of Service and crashing the system.","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":5.5,"cvss3Vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3Severity":"Moderate","sourceLink":"https://access.redhat.com/security/cve/CVE-2019-12382","cweIDs":["CWE-253","CWE-476"],"published":"2019-05-24T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":""}},"alertDict":{"ja":null,"en":null}},"CVE-2019-12450":{"cveID":"CVE-2019-12450","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"glib2","notFixedYet":true,"fixState":"Affected"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2019-12450","title":"GNOME GLib におけるパーミッションに関する脆弱性","summary":"GNOME GLib には、パーミッションに関する脆弱性が存在します。","cvss2Score":7.5,"cvss2Vector":"AV:N/AC:L/Au:N/C:P/I:P/A:P","cvss2Severity":"High","cvss3Score":9.8,"cvss3Vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3Severity":"Critical","sourceLink":"https://jvndb.jvn.jp/ja/contents/2019/JVNDB-2019-004959.html","references":[{"source":"CVE","link":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12450","refID":""},{"source":"NVD","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-12450","refID":""},{"source":"関連文書","link":"https://security.netapp.com/advisory/ntap-20190606-0003/","refID":""},{"source":"","link":"https://cwe.mitre.org/data/definitions/275.html","refID":""}],"published":"2019-06-12T17:43:00+09:00","lastModified":"2019-06-12T17:43:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2019-12450","title":"","summary":"file_copy_fallback in gio/gfile.c in GNOME GLib 2.15.0 through 2.61.1 does not properly restrict file permissions while a copy operation is in progress. Instead, default permissions are used.","cvss2Score":7.5,"cvss2Vector":"AV:N/AC:L/Au:N/C:P/I:P/A:P","cvss2Severity":"HIGH","cvss3Score":9.8,"cvss3Vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3Severity":"CRITICAL","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2019-12450","references":[{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00076.html","refID":""},{"source":"","link":"https://gitlab.gnome.org/GNOME/glib/commit/d8f8f4d637ce43f8699ba94c9b7648beda0ca174","refID":""},{"source":"","link":"https://lists.debian.org/debian-lts-announce/2019/06/msg00013.html","refID":""},{"source":"","link":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2W4WIOAGO3M743M5KZLVQZM3NGHQDYLI/","refID":""},{"source":"","link":"https://security.netapp.com/advisory/ntap-20190606-0003/","refID":""},{"source":"","link":"https://usn.ubuntu.com/4014-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/4014-2/","refID":""}],"cweIDs":["CWE-275"],"published":"2019-05-29T17:29:00Z","lastModified":"2019-06-11T14:29:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2019-12450","title":"CVE-2019-12450 glib2: file_copy_fallback in gio/gfile.c in GNOME GLib does not properly restrict file permissions while a copy operation is in progress","summary":"file_copy_fallback in gio/gfile.c in GNOME GLib 2.15.0 through 2.61.1 does not properly restrict file permissions while a copy operation is in progress. Instead, default permissions are used.","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":6.6,"cvss3Vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N","cvss3Severity":"Moderate","sourceLink":"https://access.redhat.com/security/cve/CVE-2019-12450","cweIDs":["CWE-552"],"published":"2019-05-23T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":""}},"alertDict":{"ja":null,"en":null}},"CVE-2019-12749":{"cveID":"CVE-2019-12749","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"dbus","notFixedYet":true,"fixState":"Affected"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2019-12749","title":"dbus および Ubuntu における認証に関する脆弱性","summary":"dbus および Ubuntu には、認証に関する脆弱性が存在します。","cvss2Score":3.6,"cvss2Vector":"AV:L/AC:L/Au:N/C:P/I:P/A:N","cvss2Severity":"Low","cvss3Score":7.1,"cvss3Vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N","cvss3Severity":"High","sourceLink":"https://jvndb.jvn.jp/ja/contents/2019/JVNDB-2019-005446.html","references":[{"source":"CVE","link":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12749","refID":""},{"source":"NVD","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-12749","refID":""},{"source":"関連文書","link":"https://www.openwall.com/lists/oss-security/2019/06/11/2","refID":""},{"source":"","link":"https://jvndb.jvn.jp/ja/cwe/CWE-287.html","refID":""}],"published":"2019-06-20T14:53:00+09:00","lastModified":"2019-06-20T14:53:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2019-12749","title":"","summary":"dbus before 1.10.28, 1.12.x before 1.12.16, and 1.13.x before 1.13.12, as used in DBusServer in Canonical Upstart in Ubuntu 14.04 (and in some, less common, uses of dbus-daemon), allows cookie spoofing because of symlink mishandling in the reference implementation of DBUS_COOKIE_SHA1 in the libdbus library. (This only affects the DBUS_COOKIE_SHA1 authentication mechanism.) A malicious client with write access to its own home directory could manipulate a ~/.dbus-keyrings symlink to cause a DBusServer with a different uid to read and write in unintended locations. In the worst case, this could result in the DBusServer reusing a cookie that is known to the malicious client, and treating that cookie as evidence that a subsequent client connection came from an attacker-chosen uid, allowing authentication bypass.","cvss2Score":3.6,"cvss2Vector":"AV:L/AC:L/Au:N/C:P/I:P/A:N","cvss2Severity":"LOW","cvss3Score":7.1,"cvss3Vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N","cvss3Severity":"HIGH","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2019-12749","references":[{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00059.html","refID":""},{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00092.html","refID":""},{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00026.html","refID":""},{"source":"","link":"http://www.openwall.com/lists/oss-security/2019/06/11/2","refID":""},{"source":"","link":"http://www.securityfocus.com/bid/108751","refID":""},{"source":"","link":"https://access.redhat.com/errata/RHSA-2019:1726","refID":""},{"source":"","link":"https://lists.debian.org/debian-lts-announce/2019/06/msg00005.html","refID":""},{"source":"","link":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V2CQF37O73VH2JDVX2ILX2KD2KLXLQOU/","refID":""},{"source":"","link":"https://seclists.org/bugtraq/2019/Jun/16","refID":""},{"source":"","link":"https://usn.ubuntu.com/4015-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/4015-2/","refID":""},{"source":"","link":"https://www.debian.org/security/2019/dsa-4462","refID":""},{"source":"","link":"https://www.openwall.com/lists/oss-security/2019/06/11/2","refID":""}],"cweIDs":["CWE-287"],"published":"2019-06-11T17:29:00Z","lastModified":"2019-06-14T14:29:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2019-12749","title":"CVE-2019-12749 dbus: DBusServer DBUS_COOKIE_SHA1 authentication bypass","summary":"dbus before 1.10.28, 1.12.x before 1.12.16, and 1.13.x before 1.13.12, as used in DBusServer in Canonical Upstart in Ubuntu 14.04 (and in some, less common, uses of dbus-daemon), allows cookie spoofing because of symlink mishandling in the reference implementation of DBUS_COOKIE_SHA1 in the libdbus library. (This only affects the DBUS_COOKIE_SHA1 authentication mechanism.) A malicious client with write access to its own home directory could manipulate a ~/.dbus-keyrings symlink to cause a DBusServer with a different uid to read and write in unintended locations. In the worst case, this could result in the DBusServer reusing a cookie that is known to the malicious client, and treating that cookie as evidence that a subsequent client connection came from an attacker-chosen uid, allowing authentication bypass.","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":7,"cvss3Vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3Severity":"Important","sourceLink":"https://access.redhat.com/security/cve/CVE-2019-12749","references":[{"source":"","link":"https://www.openwall.com/lists/oss-security/2019/06/11/2","refID":""}],"cweIDs":["CWE-287"],"published":"2019-06-11T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":""}},"alertDict":{"ja":null,"en":null}},"CVE-2019-12881":{"cveID":"CVE-2019-12881","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"kernel","notFixedYet":true,"fixState":"Affected"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2019-12881","title":"Linux Kernel における NULL ポインタデリファレンスに関する脆弱性","summary":"Linux Kernel には、NULL ポインタデリファレンスに関する脆弱性が存在します。","cvss2Score":4.6,"cvss2Vector":"AV:L/AC:L/Au:N/C:P/I:P/A:P","cvss2Severity":"Medium","cvss3Score":7.8,"cvss3Vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3Severity":"High","sourceLink":"https://jvndb.jvn.jp/ja/contents/2019/JVNDB-2019-005604.html","references":[{"source":"CVE","link":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12881","refID":""},{"source":"NVD","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-12881","refID":""},{"source":"関連文書","link":"https://gist.github.com/oxagast/472866fb2c3d439e10499d7141d0a520","refID":""},{"source":"","link":"http://cwe.mitre.org/data/definitions/476.html","refID":""}],"published":"2019-06-24T17:10:00+09:00","lastModified":"2019-06-24T17:10:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2019-12881","title":"","summary":"i915_gem_userptr_get_pages in drivers/gpu/drm/i915/i915_gem_userptr.c in the Linux kernel 4.15.0 on Ubuntu 18.04.2 allows local users to cause a denial of service (NULL pointer dereference and BUG) or possibly have unspecified other impact via crafted ioctl calls to /dev/dri/card0.","cvss2Score":4.6,"cvss2Vector":"AV:L/AC:L/Au:N/C:P/I:P/A:P","cvss2Severity":"MEDIUM","cvss3Score":7.8,"cvss3Vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3Severity":"HIGH","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2019-12881","references":[{"source":"","link":"http://www.securityfocus.com/bid/108873","refID":""},{"source":"","link":"https://gist.github.com/oxagast/472866fb2c3d439e10499d7141d0a520","refID":""},{"source":"","link":"https://security.netapp.com/advisory/ntap-20190710-0002/","refID":""}],"cweIDs":["CWE-476"],"published":"2019-06-18T23:15:00Z","lastModified":"2019-06-24T16:15:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2019-12881","title":"CVE-2019-12881 kernel: NULL pointer dereference in i915_gem_userptr_get_pages allows local denial of service via crafted ioctl calls","summary":"i915_gem_userptr_get_pages in drivers/gpu/drm/i915/i915_gem_userptr.c in the Linux kernel 4.15.0 on Ubuntu 18.04.2 allows local users to cause a denial of service (NULL pointer dereference and BUG) or possibly have unspecified other impact via crafted ioctl calls to /dev/dri/card0.\nA flaw was found in the Linux kernel 4.15.0 on Ubuntu 18.04.2. The i915_gem_userptr_get_pages in drivers/gpu/drm/i915/i915_gem_userptr.c could allow an attacker to corrupt the memory and crash the system if they have permission to issue an ioctl to a system with an i915 graphics card.","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":6.1,"cvss3Vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H","cvss3Severity":"Moderate","sourceLink":"https://access.redhat.com/security/cve/CVE-2019-12881","cweIDs":["CWE-476"],"published":"2019-06-18T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":""}},"alertDict":{"ja":null,"en":null}},"CVE-2019-13012":{"cveID":"CVE-2019-13012","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"glib2","notFixedYet":true,"fixState":"Affected"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2019-13012","title":"GNOME GLib におけるパーミッションに関する脆弱性","summary":"GNOME GLib (別名 glib) には、パーミッションに関する脆弱性が存在します。\n\n本脆弱性は、CVE-2019-12450 と同様の脆弱性です。","cvss2Score":5,"cvss2Vector":"AV:N/AC:L/Au:N/C:N/I:P/A:N","cvss2Severity":"Medium","cvss3Score":7.5,"cvss3Vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","cvss3Severity":"High","sourceLink":"https://jvndb.jvn.jp/ja/contents/2019/JVNDB-2019-006027.html","references":[{"source":"CVE","link":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13012","refID":""},{"source":"NVD","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-13012","refID":""},{"source":"","link":"https://cwe.mitre.org/data/definitions/275.html","refID":""}],"published":"2019-07-08T17:14:00+09:00","lastModified":"2019-07-08T17:14:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2019-13012","title":"","summary":"The keyfile settings backend in GNOME GLib (aka glib2.0) before 2.60.0 creates directories using g_file_make_directory_with_parents (kfsb-\u003edir, NULL, NULL) and files using g_file_replace_contents (kfsb-\u003efile, contents, length, NULL, FALSE, G_FILE_CREATE_REPLACE_DESTINATION, NULL, NULL, NULL). Consequently, it does not properly restrict directory (and file) permissions. Instead, for directories, 0777 permissions are used; for files, default file permissions are used. This is similar to CVE-2019-12450.","cvss2Score":5,"cvss2Vector":"AV:N/AC:L/Au:N/C:N/I:P/A:N","cvss2Severity":"MEDIUM","cvss3Score":7.5,"cvss3Vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","cvss3Severity":"HIGH","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2019-13012","references":[{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00022.html","refID":""},{"source":"","link":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931234#12","refID":""},{"source":"","link":"https://gitlab.gnome.org/GNOME/glib/commit/5e4da714f00f6bfb2ccd6d73d61329c6f3a08429","refID":""},{"source":"","link":"https://gitlab.gnome.org/GNOME/glib/issues/1658","refID":""},{"source":"","link":"https://gitlab.gnome.org/GNOME/glib/merge_requests/450","refID":""},{"source":"","link":"https://lists.debian.org/debian-lts-announce/2019/07/msg00029.html","refID":""},{"source":"","link":"https://lists.debian.org/debian-lts-announce/2019/08/msg00004.html","refID":""},{"source":"","link":"https://security.netapp.com/advisory/ntap-20190806-0003/","refID":""},{"source":"","link":"https://usn.ubuntu.com/4049-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/4049-2/","refID":""}],"cweIDs":["CWE-275"],"published":"2019-06-28T15:15:00Z","lastModified":"2019-07-29T11:15:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2019-13012","title":"CVE-2019-13012 glib2: insecure permissions for files and directories","summary":"The keyfile settings backend in GNOME GLib (aka glib2.0) before 2.60.0 creates directories using g_file_make_directory_with_parents (kfsb-\u003edir, NULL, NULL) and files using g_file_replace_contents (kfsb-\u003efile, contents, length, NULL, FALSE, G_FILE_CREATE_REPLACE_DESTINATION, NULL, NULL, NULL). Consequently, it does not properly restrict directory (and file) permissions. Instead, for directories, 0777 permissions are used; for files, default file permissions are used. This is similar to CVE-2019-12450.","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":4.4,"cvss3Vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N","cvss3Severity":"Low","sourceLink":"https://access.redhat.com/security/cve/CVE-2019-13012","cweIDs":["CWE-732"],"published":"2019-06-28T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":""}},"alertDict":{"ja":null,"en":null}},"CVE-2019-13050":{"cveID":"CVE-2019-13050","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"gnupg2","notFixedYet":true,"fixState":"Affected"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2019-13050","title":"sks-keyserver code および GnuPG におけるホストの不一致による証明書の検証に関する脆弱性","summary":"sks-keyserver code および GnuPG には、ホストの不一致による証明書の検証に関する脆弱性が存在します。","cvss2Score":5,"cvss2Vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","cvss2Severity":"Medium","cvss3Score":7.5,"cvss3Vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3Severity":"High","sourceLink":"https://jvndb.jvn.jp/ja/contents/2019/JVNDB-2019-006090.html","references":[{"source":"CVE","link":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13050","refID":""},{"source":"NVD","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-13050","refID":""},{"source":"","link":"https://cwe.mitre.org/data/definitions/297.html","refID":""}],"published":"2019-07-09T18:06:00+09:00","lastModified":"2019-07-09T18:06:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2019-13050","title":"","summary":"Interaction between the sks-keyserver code through 1.2.0 of the SKS keyserver network, and GnuPG through 2.2.16, makes it risky to have a GnuPG keyserver configuration line referring to a host on the SKS keyserver network. Retrieving data from this network may cause a persistent denial of service, because of a Certificate Spamming Attack.","cvss2Score":5,"cvss2Vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","cvss2Severity":"MEDIUM","cvss3Score":7.5,"cvss3Vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3Severity":"HIGH","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2019-13050","references":[{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00039.html","refID":""},{"source":"","link":"https://gist.github.com/rjhansen/67ab921ffb4084c865b3618d6955275f","refID":""},{"source":"","link":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AUK2YRO6QIH64WP2LRA5D4LACTXQPPU4/","refID":""},{"source":"","link":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CP4ON34YEXEZDZOXXWV43KVGGO6WZLJ5/","refID":""},{"source":"","link":"https://lists.gnupg.org/pipermail/gnupg-announce/2019q3/000439.html","refID":""},{"source":"","link":"https://twitter.com/lambdafu/status/1147162583969009664","refID":""}],"cweIDs":["CWE-297"],"published":"2019-06-29T17:15:00Z","lastModified":"2019-07-09T20:15:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2019-13050","title":"CVE-2019-13050 GnuPG: interaction between the sks-keyserver code and GnuPG allows for a Certificate Spamming Attack which leads to persistent DoS","summary":"Interaction between the sks-keyserver code through 1.2.0 of the SKS keyserver network, and GnuPG through 2.2.16, makes it risky to have a GnuPG keyserver configuration line referring to a host on the SKS keyserver network. Retrieving data from this network may cause a persistent denial of service, because of a Certificate Spamming Attack.","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":6.5,"cvss3Vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3Severity":"Moderate","sourceLink":"https://access.redhat.com/security/cve/CVE-2019-13050","references":[{"source":"","link":"https://gist.github.com/rjhansen/67ab921ffb4084c865b3618d6955275f\nhttps://access.redhat.com/articles/4264021","refID":""}],"cweIDs":["CWE-297"],"published":"2019-06-29T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":"\nAs per upstream: High-risk users should stop using the keyserver network immediately.\n\n1. Open ~/.gnupg/gpg.conf in a text editor. Ensure there is no line starting with keyserver. If there is, remove it.\n2. Open ~/.gnupg/dirmngr.conf in a text editor. Add the line \"keyserver hkps://keys.openpgp.org\" to the end of it.\n\nkeys.openpgp.org is a new experimental keyserver which is not part of the keyserver network and has some features which make it resistant to this attack. It is not a drop-in replacement: it has some limitations (for instance, its search functionality is sharply constrained). However, once you make this change you will be able to run gpg --refresh-keys with confidence.\n\nFor installations which are currently rendered unusable by this attack, the following repair method is advised:\n1. If you know which certificate is likely poisoned, try deleting it. Once the installation becomes usable again, you can acquire a new unpoisoned copy of the certificate and re-import it.\n2. If you do not know which certificate is poisoned, best option is to get a list of all your certificate IDs, delete your keyrings completely, and rebuild from scratch using known-good copies of the public certificates.\n "}},"alertDict":{"ja":null,"en":null}},"CVE-2019-13057":{"cveID":"CVE-2019-13057","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"openldap","notFixedYet":true,"fixState":"Affected"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2019-13057","title":"OpenLDAP における認証に関する脆弱性","summary":"OpenLDAP には、認証に関する脆弱性が存在します。","cvss2Score":3.5,"cvss2Vector":"AV:N/AC:M/Au:S/C:P/I:N/A:N","cvss2Severity":"Low","cvss3Score":4.9,"cvss3Vector":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","cvss3Severity":"Medium","sourceLink":"https://jvndb.jvn.jp/ja/contents/2019/JVNDB-2019-007390.html","references":[{"source":"CVE","link":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13057","refID":""},{"source":"NVD","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-13057","refID":""},{"source":"","link":"https://jvndb.jvn.jp/ja/cwe/CWE-287.html","refID":""}],"published":"2019-08-08T16:55:00+09:00","lastModified":"2019-08-08T16:55:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2019-13057","title":"","summary":"An issue was discovered in the server in OpenLDAP before 2.4.48. When the server administrator delegates rootDN (database admin) privileges for certain databases but wants to maintain isolation (e.g., for multi-tenant deployments), slapd does not properly stop a rootDN from requesting authorization as an identity from another database during a SASL bind or with a proxyAuthz (RFC 4370) control. (It is not a common configuration to deploy a system where the server administrator and a DB administrator enjoy different levels of trust.)","cvss2Score":3.5,"cvss2Vector":"AV:N/AC:M/Au:S/C:P/I:N/A:N","cvss2Severity":"LOW","cvss3Score":4.9,"cvss3Vector":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","cvss3Severity":"MEDIUM","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2019-13057","references":[{"source":"","link":"https://lists.debian.org/debian-lts-announce/2019/08/msg00024.html","refID":""},{"source":"","link":"https://security.netapp.com/advisory/ntap-20190822-0004/","refID":""},{"source":"","link":"https://usn.ubuntu.com/4078-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/4078-2/","refID":""},{"source":"","link":"https://www.openldap.org/its/?findid=9038","refID":""},{"source":"","link":"https://www.openldap.org/lists/openldap-announce/201907/msg00001.html","refID":""}],"cweIDs":["CWE-287"],"published":"2019-07-26T13:15:00Z","lastModified":"2019-08-19T01:15:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2019-13057","title":"CVE-2019-13057 openldap: Information disclosure issue in slapd component","summary":"An issue was discovered in the server in OpenLDAP before 2.4.48. When the server administrator delegates rootDN (database admin) privileges for certain databases but wants to maintain isolation (e.g., for multi-tenant deployments), slapd does not properly stop a rootDN from requesting authorization as an identity from another database during a SASL bind or with a proxyAuthz (RFC 4370) control. (It is not a common configuration to deploy a system where the server administrator and a DB administrator enjoy different levels of trust.)","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":6.5,"cvss3Vector":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","cvss3Severity":"Moderate","sourceLink":"https://access.redhat.com/security/cve/CVE-2019-13057","references":[{"source":"","link":"http://www.openldap.org/lists/openldap-announce/201907/msg00001.html\nhttps://openldap.org/its/?findid=9038","refID":""}],"cweIDs":["CWE-200"],"published":"2019-07-25T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":"\nThis is only an issue in e.g. multi-tenant deployments that require isolation of databases. Do not give rootDN privileges to untrusted users.\n "}},"alertDict":{"ja":null,"en":null}},"CVE-2019-13233":{"cveID":"CVE-2019-13233","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"kernel","notFixedYet":true,"fixState":"Affected"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2019-13233","title":"Linux Kernel における競合状態に関する脆弱性","summary":"Linux Kernel には、競合状態に関する脆弱性、および解放済みメモリの使用に関する脆弱性が存在します。","cvss2Score":4.4,"cvss2Vector":"AV:L/AC:M/Au:N/C:P/I:P/A:P","cvss2Severity":"Medium","cvss3Score":7,"cvss3Vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3Severity":"High","sourceLink":"https://jvndb.jvn.jp/ja/contents/2019/JVNDB-2019-006139.html","references":[{"source":"CVE","link":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13233","refID":""},{"source":"NVD","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-13233","refID":""},{"source":"関連文書","link":"https://bugs.chromium.org/p/project-zero/issues/detail?id=1879","refID":""},{"source":"","link":"https://jvndb.jvn.jp/ja/cwe/CWE-362.html","refID":""},{"source":"","link":"https://cwe.mitre.org/data/definitions/416.html","refID":""}],"published":"2019-07-11T14:15:00+09:00","lastModified":"2019-07-11T14:15:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2019-13233","title":"","summary":"In arch/x86/lib/insn-eval.c in the Linux kernel before 5.1.9, there is a use-after-free for access to an LDT entry because of a race condition between modify_ldt() and a #BR exception for an MPX bounds violation.","cvss2Score":4.4,"cvss2Vector":"AV:L/AC:M/Au:N/C:P/I:P/A:P","cvss2Severity":"MEDIUM","cvss3Score":7,"cvss3Vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3Severity":"HIGH","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2019-13233","references":[{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00025.html","refID":""},{"source":"","link":"https://bugs.chromium.org/p/project-zero/issues/detail?id=1879","refID":""},{"source":"","link":"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.1.9","refID":""},{"source":"","link":"https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=de9f869616dd95e95c00bdd6b0fcd3421e8a4323","refID":""},{"source":"","link":"https://github.com/torvalds/linux/commit/de9f869616dd95e95c00bdd6b0fcd3421e8a4323","refID":""},{"source":"","link":"https://seclists.org/bugtraq/2019/Aug/13","refID":""},{"source":"","link":"https://security.netapp.com/advisory/ntap-20190806-0001/","refID":""},{"source":"","link":"https://usn.ubuntu.com/4093-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/4094-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/4117-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/4118-1/","refID":""},{"source":"","link":"https://www.debian.org/security/2019/dsa-4495","refID":""}],"cweIDs":["CWE-362","CWE-416"],"published":"2019-07-04T13:15:00Z","lastModified":"2019-07-20T12:15:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2019-13233","title":"CVE-2019-13233 kernel: use-after-free in arch/x86/lib/insn-eval.c","summary":"In arch/x86/lib/insn-eval.c in the Linux kernel before 5.1.9, there is a use-after-free for access to an LDT entry because of a race condition between modify_ldt() and a #BR exception for an MPX bounds violation.\nA vulnerability was found in the arch/x86/lib/insn-eval.c function in the Linux kernel. An attacker could corrupt the memory due to a flaw in use-after-free access to an LDT entry caused by a race condition between modify_ldt() and a #BR exception for an MPX bounds violation.","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":5.1,"cvss3Vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N","cvss3Severity":"Moderate","sourceLink":"https://access.redhat.com/security/cve/CVE-2019-13233","cweIDs":["CWE-416"],"published":"2019-07-04T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":""}},"alertDict":{"ja":null,"en":null}},"CVE-2019-13565":{"cveID":"CVE-2019-13565","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"openldap","notFixedYet":true,"fixState":"Affected"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2019-13565","title":"OpenLDAP における認証に関する脆弱性","summary":"OpenLDAP には、認証に関する脆弱性が存在します。","cvss2Score":5,"cvss2Vector":"AV:N/AC:L/Au:N/C:P/I:N/A:N","cvss2Severity":"Medium","cvss3Score":7.5,"cvss3Vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","cvss3Severity":"High","sourceLink":"https://jvndb.jvn.jp/ja/contents/2019/JVNDB-2019-007386.html","references":[{"source":"CVE","link":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13565","refID":""},{"source":"NVD","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-13565","refID":""},{"source":"","link":"https://jvndb.jvn.jp/ja/cwe/CWE-287.html","refID":""}],"published":"2019-08-08T16:53:00+09:00","lastModified":"2019-08-08T16:53:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2019-13565","title":"","summary":"An issue was discovered in OpenLDAP 2.x before 2.4.48. When using SASL authentication and session encryption, and relying on the SASL security layers in slapd access controls, it is possible to obtain access that would otherwise be denied via a simple bind for any identity covered in those ACLs. After the first SASL bind is completed, the sasl_ssf value is retained for all new non-SASL connections. Depending on the ACL configuration, this can affect different types of operations (searches, modifications, etc.). In other words, a successful authorization step completed by one user affects the authorization requirement for a different user.","cvss2Score":5,"cvss2Vector":"AV:N/AC:L/Au:N/C:P/I:N/A:N","cvss2Severity":"MEDIUM","cvss3Score":0,"cvss3Vector":"","cvss3Severity":"","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2019-13565","references":[{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00053.html","refID":""},{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00058.html","refID":""},{"source":"","link":"https://lists.debian.org/debian-lts-announce/2019/08/msg00024.html","refID":""},{"source":"","link":"https://usn.ubuntu.com/4078-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/4078-2/","refID":""},{"source":"","link":"https://www.openldap.org/its/index.cgi/?findid=9052","refID":""},{"source":"","link":"https://www.openldap.org/lists/openldap-announce/201907/msg00001.html","refID":""}],"cweIDs":["CWE-287"],"published":"2019-07-26T13:15:00Z","lastModified":"2019-09-24T00:15:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2019-13565","title":"CVE-2019-13565 openldap: ACL restrictions bypass due to sasl_ssf value being set permanently","summary":"An issue was discovered in OpenLDAP 2.x before 2.4.48. When using SASL authentication and session encryption, and relying on the SASL security layers in slapd access controls, it is possible to obtain access that would otherwise be denied via a simple bind for any identity covered in those ACLs. After the first SASL bind is completed, the sasl_ssf value is retained for all new non-SASL connections. Depending on the ACL configuration, this can affect different types of operations (searches, modifications, etc.). In other words, a successful authorization step completed by one user affects the authorization requirement for a different user.","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":7.4,"cvss3Vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N","cvss3Severity":"Moderate","sourceLink":"https://access.redhat.com/security/cve/CVE-2019-13565","references":[{"source":"","link":"http://www.openldap.org/lists/openldap-announce/201907/msg00001.html\nhttps://openldap.org/its/?findid=9052","refID":""}],"cweIDs":["CWE-284"],"published":"2019-07-24T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":""}},"alertDict":{"ja":null,"en":null}},"CVE-2019-13631":{"cveID":"CVE-2019-13631","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"kernel","notFixedYet":true,"fixState":"Affected"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2019-13631","title":"Linux Kernel における境界外書き込みに関する脆弱性","summary":"Linux Kernel には、境界外書き込みに関する脆弱性が存在します。","cvss2Score":4.6,"cvss2Vector":"AV:L/AC:L/Au:N/C:P/I:P/A:P","cvss2Severity":"Medium","cvss3Score":6.8,"cvss3Vector":"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3Severity":"Medium","sourceLink":"https://jvndb.jvn.jp/ja/contents/2019/JVNDB-2019-006726.html","references":[{"source":"CVE","link":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13631","refID":""},{"source":"NVD","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-13631","refID":""},{"source":"","link":"https://cwe.mitre.org/data/definitions/787.html","refID":""}],"published":"2019-07-25T17:23:00+09:00","lastModified":"2019-07-25T17:23:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2019-13631","title":"","summary":"In parse_hid_report_descriptor in drivers/input/tablet/gtco.c in the Linux kernel through 5.2.1, a malicious USB device can send an HID report that triggers an out-of-bounds write during generation of debugging messages.","cvss2Score":4.6,"cvss2Vector":"AV:L/AC:L/Au:N/C:P/I:P/A:P","cvss2Severity":"MEDIUM","cvss3Score":6.8,"cvss3Vector":"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3Severity":"MEDIUM","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2019-13631","references":[{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00055.html","refID":""},{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00056.html","refID":""},{"source":"","link":"http://packetstormsecurity.com/files/154059/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html","refID":""},{"source":"","link":"http://www.securityfocus.com/bid/109291","refID":""},{"source":"","link":"https://lists.debian.org/debian-lts-announce/2019/08/msg00016.html","refID":""},{"source":"","link":"https://lists.debian.org/debian-lts-announce/2019/08/msg00017.html","refID":""},{"source":"","link":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KQ5BQKTI24DPSVKPOIMMGDTFKCF6ASXT/","refID":""},{"source":"","link":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TUXTJSLIQBOJTQDMTUQTQKUWWAJLFVEY/","refID":""},{"source":"","link":"https://patchwork.kernel.org/patch/11040813/","refID":""},{"source":"","link":"https://seclists.org/bugtraq/2019/Aug/13","refID":""},{"source":"","link":"https://seclists.org/bugtraq/2019/Aug/18","refID":""},{"source":"","link":"https://seclists.org/bugtraq/2019/Aug/26","refID":""},{"source":"","link":"https://security.netapp.com/advisory/ntap-20190806-0001/","refID":""},{"source":"","link":"https://usn.ubuntu.com/4115-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/4118-1/","refID":""},{"source":"","link":"https://www.debian.org/security/2019/dsa-4495","refID":""},{"source":"","link":"https://www.debian.org/security/2019/dsa-4497","refID":""}],"cweIDs":["CWE-787"],"published":"2019-07-17T19:15:00Z","lastModified":"2019-07-26T03:15:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2019-13631","title":"CVE-2019-13631 kernel: OOB writes in parse_hid_report_descriptor in drivers/input/tablet/gtco.c","summary":"In parse_hid_report_descriptor in drivers/input/tablet/gtco.c in the Linux kernel through 5.2.1, a malicious USB device can send an HID report that triggers an out-of-bounds write during generation of debugging messages.\nA flaw was found in the Linux kernel's implementation of GTCO tablet/digitizer's version of the parse_hid_report_descriptor in drivers. An attacker with local access could use this flaw to create a specially crafted USB device inserted into the host to corrupt memory, trigger an out-of-bounds write during the generation of debugging messages, or possibly escalate the privileges of a process.","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":5.3,"cvss3Vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","cvss3Severity":"Moderate","sourceLink":"https://access.redhat.com/security/cve/CVE-2019-13631","cweIDs":["CWE-125"],"published":"2019-07-11T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":"\nIt is possible to prevent the kernel from loading the affected code by blacklisting the gtco kernel module. Visit https://access.redhat.com/solutions/41278 for specifics.\n "}},"alertDict":{"ja":null,"en":null}},"CVE-2019-14283":{"cveID":"CVE-2019-14283","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"kernel","notFixedYet":true,"fixState":"Affected"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2019-14283","title":"Linux Kernel における境界外読み取りに関する脆弱性","summary":"Linux Kernel には、境界外読み取りに関する脆弱性、および整数オーバーフローの脆弱性が存在します。","cvss2Score":4.6,"cvss2Vector":"AV:L/AC:L/Au:N/C:P/I:P/A:P","cvss2Severity":"Medium","cvss3Score":6.8,"cvss3Vector":"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3Severity":"Medium","sourceLink":"https://jvndb.jvn.jp/ja/contents/2019/JVNDB-2019-007158.html","references":[{"source":"CVE","link":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14283","refID":""},{"source":"NVD","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-14283","refID":""},{"source":"","link":"https://cwe.mitre.org/data/definitions/125.html","refID":""},{"source":"","link":"https://cwe.mitre.org/data/definitions/190.html","refID":""}],"published":"2019-08-05T11:13:00+09:00","lastModified":"2019-08-05T11:13:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2019-14283","title":"","summary":"In the Linux kernel before 5.2.3, set_geometry in drivers/block/floppy.c does not validate the sect and head fields, as demonstrated by an integer overflow and out-of-bounds read. It can be triggered by an unprivileged local user when a floppy disk has been inserted. NOTE: QEMU creates the floppy device by default.","cvss2Score":4.6,"cvss2Vector":"AV:L/AC:L/Au:N/C:P/I:P/A:P","cvss2Severity":"MEDIUM","cvss3Score":6.8,"cvss3Vector":"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3Severity":"MEDIUM","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2019-14283","references":[{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00055.html","refID":""},{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00056.html","refID":""},{"source":"","link":"http://packetstormsecurity.com/files/154059/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html","refID":""},{"source":"","link":"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2.3","refID":""},{"source":"","link":"https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=da99466ac243f15fbba65bd261bfc75ffa1532b6","refID":""},{"source":"","link":"https://github.com/torvalds/linux/commit/da99466ac243f15fbba65bd261bfc75ffa1532b6","refID":""},{"source":"","link":"https://lists.debian.org/debian-lts-announce/2019/08/msg00016.html","refID":""},{"source":"","link":"https://lists.debian.org/debian-lts-announce/2019/08/msg00017.html","refID":""},{"source":"","link":"https://seclists.org/bugtraq/2019/Aug/13","refID":""},{"source":"","link":"https://seclists.org/bugtraq/2019/Aug/18","refID":""},{"source":"","link":"https://seclists.org/bugtraq/2019/Aug/26","refID":""},{"source":"","link":"https://security.netapp.com/advisory/ntap-20190905-0002/","refID":""},{"source":"","link":"https://usn.ubuntu.com/4114-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/4115-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/4116-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/4117-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/4118-1/","refID":""},{"source":"","link":"https://www.debian.org/security/2019/dsa-4495","refID":""},{"source":"","link":"https://www.debian.org/security/2019/dsa-4497","refID":""}],"cweIDs":["CWE-125","CWE-190"],"published":"2019-07-26T13:15:00Z","lastModified":"2019-08-11T23:15:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2019-14283","title":"CVE-2019-14283 kernel: integer overflow and OOB read in drivers/block/floppy.c","summary":"In the Linux kernel before 5.2.3, set_geometry in drivers/block/floppy.c does not validate the sect and head fields, as demonstrated by an integer overflow and out-of-bounds read. It can be triggered by an unprivileged local user when a floppy disk has been inserted. NOTE: QEMU creates the floppy device by default.\nA vulnerability was found in the Linux kernel’s floppy disk driver implementation. A local attacker with access to the floppy device could call set_geometry in drivers/block/floppy.c, which does not validate the sect and head fields, causing an integer overflow and out-of-bounds read. This flaw may crash the system or allow an attacker to gather information causing subsequent successful attacks.","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":5.6,"cvss3Vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:H","cvss3Severity":"Moderate","sourceLink":"https://access.redhat.com/security/cve/CVE-2019-14283","references":[{"source":"","link":"Changelog\nhttps://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2.3\n\nUpstream commit\nhttps://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=da99466ac243f15fbba65bd261bfc75ffa1532b6\nhttps://github.com/torvalds/linux/commit/da99466ac243f15fbba65bd261bfc75ffa1532b6","refID":""}],"cweIDs":["CWE-190","CWE-125"],"published":"2019-07-26T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":"\nThe kernel module named 'floppy' contains the affected code, this can be blacklisted using the standard blacklisting techniques or disabled in the systems BIOS. See https://access.redhat.com/solutions/41278 for how to blacklist a kernel module.\n\nVirtualized guest systems can also remove the system from the guests configuration to ensure that the module does not load.\n "}},"alertDict":{"ja":null,"en":null}},"CVE-2019-14284":{"cveID":"CVE-2019-14284","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"kernel","notFixedYet":true,"fixState":"Affected"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2019-14284","title":"Linux Kernel におけるゼロ除算に関する脆弱性","summary":"Linux Kernel には、ゼロ除算に関する脆弱性が存在します。","cvss2Score":2.1,"cvss2Vector":"AV:L/AC:L/Au:N/C:N/I:N/A:P","cvss2Severity":"Low","cvss3Score":6.2,"cvss3Vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3Severity":"Medium","sourceLink":"https://jvndb.jvn.jp/ja/contents/2019/JVNDB-2019-007157.html","references":[{"source":"CVE","link":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14284","refID":""},{"source":"NVD","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-14284","refID":""},{"source":"","link":"https://cwe.mitre.org/data/definitions/369.html","refID":""}],"published":"2019-08-05T11:11:00+09:00","lastModified":"2019-08-05T11:11:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2019-14284","title":"","summary":"In the Linux kernel before 5.2.3, drivers/block/floppy.c allows a denial of service by setup_format_params division-by-zero. Two consecutive ioctls can trigger the bug: the first one should set the drive geometry with .sect and .rate values that make F_SECT_PER_TRACK be zero. Next, the floppy format operation should be called. It can be triggered by an unprivileged local user even when a floppy disk has not been inserted. NOTE: QEMU creates the floppy device by default.","cvss2Score":2.1,"cvss2Vector":"AV:L/AC:L/Au:N/C:N/I:N/A:P","cvss2Severity":"LOW","cvss3Score":6.2,"cvss3Vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3Severity":"MEDIUM","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2019-14284","references":[{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00055.html","refID":""},{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00056.html","refID":""},{"source":"","link":"http://packetstormsecurity.com/files/154059/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html","refID":""},{"source":"","link":"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2.3","refID":""},{"source":"","link":"https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f3554aeb991214cbfafd17d55e2bfddb50282e32","refID":""},{"source":"","link":"https://github.com/torvalds/linux/commit/f3554aeb991214cbfafd17d55e2bfddb50282e32","refID":""},{"source":"","link":"https://lists.debian.org/debian-lts-announce/2019/08/msg00016.html","refID":""},{"source":"","link":"https://lists.debian.org/debian-lts-announce/2019/08/msg00017.html","refID":""},{"source":"","link":"https://seclists.org/bugtraq/2019/Aug/13","refID":""},{"source":"","link":"https://seclists.org/bugtraq/2019/Aug/18","refID":""},{"source":"","link":"https://seclists.org/bugtraq/2019/Aug/26","refID":""},{"source":"","link":"https://security.netapp.com/advisory/ntap-20190905-0002/","refID":""},{"source":"","link":"https://usn.ubuntu.com/4114-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/4115-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/4116-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/4117-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/4118-1/","refID":""},{"source":"","link":"https://www.debian.org/security/2019/dsa-4495","refID":""},{"source":"","link":"https://www.debian.org/security/2019/dsa-4497","refID":""}],"cweIDs":["CWE-369"],"published":"2019-07-26T13:15:00Z","lastModified":"2019-08-11T23:15:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2019-14284","title":"CVE-2019-14284 kernel: denial of service in drivers/block/floppy.c by setup_format_params division-by-zero","summary":"In the Linux kernel before 5.2.3, drivers/block/floppy.c allows a denial of service by setup_format_params division-by-zero. Two consecutive ioctls can trigger the bug: the first one should set the drive geometry with .sect and .rate values that make F_SECT_PER_TRACK be zero. Next, the floppy format operation should be called. It can be triggered by an unprivileged local user even when a floppy disk has not been inserted. NOTE: QEMU creates the floppy device by default.\nA vulnerability was found in the Linux kernel’s floppy disk driver implementation. A local attacker with access to the floppy disk device file (/dev/fd0 through to /dev/fdN) can create a situation that causes the kernel to divide by zero. This requires two consecutive ioctl calls to be issued. The first ioctl call sets the sector and rate values, and the second ioctl is the call to format the floppy disk to the appropriate values. This flaw can cause the system to divide by zero and panic the host. No media (floppy) is required to be inserted for this attack to work properly.","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":5,"cvss3Vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H","cvss3Severity":"Moderate","sourceLink":"https://access.redhat.com/security/cve/CVE-2019-14284","cweIDs":["CWE-400"],"published":"2019-07-26T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":"\nThe kernel module named 'floppy' contains the affected code, this can be blacklisted using the standard blacklisting techniques or disabled in the systems BIOS. See https://access.redhat.com/solutions/41278 for how to blacklist a kernel module.\n\nVirtualized guest systems can also remove the system from the guests configuration to ensure that the module does not load.\n "}},"alertDict":{"ja":null,"en":null}},"CVE-2019-14287":{"cveID":"CVE-2019-14287","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"sudo","notFixedYet":true,"fixState":"Affected"}],"cveContents":{"redhat_api":{"type":"redhat_api","cveID":"CVE-2019-14287","title":"CVE-2019-14287 sudo: Privilege escalation via 'Runas' specification with 'ALL' keyword","summary":"A flaw was found in the way sudo implemented running commands with arbitrary user ID. If a sudoers entry is written to allow the attacker to run a command as any user except root, this flaw can be used by the attacker to bypass that restriction.","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":7.8,"cvss3Vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3Severity":"Important","sourceLink":"https://access.redhat.com/security/cve/CVE-2019-14287","references":[{"source":"","link":"https://www.sudo.ws/alerts/minus_1_uid.html","refID":""}],"cweIDs":["CWE-267"],"published":"2019-10-14T15:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":""}},"alertDict":{"ja":null,"en":null}},"CVE-2019-14821":{"cveID":"CVE-2019-14821","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"kernel","notFixedYet":true,"fixState":"Affected"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2019-14821","title":"Linux Kernel における境界外書き込みに関する脆弱性","summary":"Linux Kernel には、境界外書き込みに関する脆弱性が存在します。","cvss2Score":7.2,"cvss2Vector":"AV:L/AC:L/Au:N/C:C/I:C/A:C","cvss2Severity":"High","cvss3Score":8.8,"cvss3Vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H","cvss3Severity":"High","sourceLink":"https://jvndb.jvn.jp/ja/contents/2019/JVNDB-2019-009626.html","references":[{"source":"CVE","link":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14821","refID":""},{"source":"NVD","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-14821","refID":""},{"source":"関連文書","link":"http://www.openwall.com/lists/oss-security/2019/09/20/1","refID":""},{"source":"","link":"https://cwe.mitre.org/data/definitions/787.html","refID":""}],"published":"2019-09-25T17:26:00+09:00","lastModified":"2019-09-25T17:26:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2019-14821","title":"","summary":"An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct kvm_coalesced_mmio' object, wherein write indices 'ring-\u003efirst' and 'ring-\u003elast' value could be supplied by a host user-space process. An unprivileged host user or process with access to '/dev/kvm' device could use this flaw to crash the host kernel, resulting in a denial of service or potentially escalating privileges on the system.","cvss2Score":7.2,"cvss2Vector":"AV:L/AC:L/Au:N/C:C/I:C/A:C","cvss2Severity":"HIGH","cvss3Score":0,"cvss3Vector":"","cvss3Severity":"","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2019-14821","references":[{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00036.html","refID":""},{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00037.html","refID":""},{"source":"","link":"http://www.openwall.com/lists/oss-security/2019/09/20/1","refID":""},{"source":"","link":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14821","refID":""},{"source":"","link":"https://lists.debian.org/debian-lts-announce/2019/09/msg00025.html","refID":""},{"source":"","link":"https://lists.debian.org/debian-lts-announce/2019/10/msg00000.html","refID":""},{"source":"","link":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TRZQQQANZWQMPILZV7OTS3RGGRLLE2Q7/","refID":""},{"source":"","link":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YW3QNMPENPFEGVTOFPSNOBL7JEIJS25P/","refID":""},{"source":"","link":"https://seclists.org/bugtraq/2019/Sep/41","refID":""},{"source":"","link":"https://security.netapp.com/advisory/ntap-20191004-0001/","refID":""},{"source":"","link":"https://www.debian.org/security/2019/dsa-4531","refID":""}],"cweIDs":["CWE-787"],"published":"2019-09-19T18:15:00Z","lastModified":"2019-09-24T03:15:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2019-14821","title":"CVE-2019-14821 Kernel: KVM: OOB memory access via mmio ring buffer","summary":"An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct kvm_coalesced_mmio' object, wherein write indices 'ring-\u003efirst' and 'ring-\u003elast' value could be supplied by a host user-space process. An unprivileged host user or process with access to '/dev/kvm' device could use this flaw to crash the host kernel, resulting in a denial of service or potentially escalating privileges on the system.\nAn out-of-bounds access issue was found in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct kvm_coalesced_mmio' object, wherein write indices 'ring-\u003efirst' and 'ring-\u003elast' value could be supplied by a host user-space process. An unprivileged host user or process with access to '/dev/kvm' device could use this flaw to crash the host kernel, resulting in a denial of service or potentially escalating privileges on the system.","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":7,"cvss3Vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3Severity":"Important","sourceLink":"https://access.redhat.com/security/cve/CVE-2019-14821","cweIDs":["CWE-787"],"published":"2019-09-17T17:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":"\nRestrict access to the '/dev/kvm' device to trusted users.\n "}},"alertDict":{"ja":null,"en":null}},"CVE-2019-14835":{"cveID":"CVE-2019-14835","confidences":[{"score":100,"detectionMethod":"OvalMatch"}],"affectedPackages":[{"name":"kernel","notFixedYet":false,"fixState":""},{"name":"kernel-tools","notFixedYet":false,"fixState":""},{"name":"kernel-tools-libs","notFixedYet":false,"fixState":""},{"name":"python-perf","notFixedYet":false,"fixState":""}],"distroAdvisories":[{"advisoryID":"RHSA-2019:2829","severity":"Important","issued":"2019-09-20T00:00:00Z","updated":"2019-09-20T00:00:00Z","description":"The kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* A buffer overflow flaw was found in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host. (CVE-2019-14835)"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2019-14835","title":"Linux Kernel における古典的バッファオーバーフローの脆弱性","summary":"Linux Kernel には、古典的バッファオーバーフローの脆弱性が存在します。","cvss2Score":7.2,"cvss2Vector":"AV:L/AC:L/Au:N/C:C/I:C/A:C","cvss2Severity":"High","cvss3Score":7.8,"cvss3Vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3Severity":"High","sourceLink":"https://jvndb.jvn.jp/ja/contents/2019/JVNDB-2019-009455.html","references":[{"source":"CVE","link":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14835","refID":""},{"source":"NVD","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-14835","refID":""},{"source":"関連文書","link":"https://www.openwall.com/lists/oss-security/2019/09/17/1","refID":""},{"source":"","link":"https://cwe.mitre.org/data/definitions/120.html","refID":""}],"published":"2019-09-20T16:55:00+09:00","lastModified":"2019-09-20T16:55:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2019-14835","title":"","summary":"A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host.","cvss2Score":7.2,"cvss2Vector":"AV:L/AC:L/Au:N/C:C/I:C/A:C","cvss2Severity":"HIGH","cvss3Score":0,"cvss3Vector":"","cvss3Severity":"","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2019-14835","references":[{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html","refID":""},{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html","refID":""},{"source":"","link":"http://packetstormsecurity.com/files/154572/Kernel-Live-Patch-Security-Notice-LSN-0056-1.html","refID":""},{"source":"","link":"http://www.openwall.com/lists/oss-security/2019/09/24/1","refID":""},{"source":"","link":"http://www.openwall.com/lists/oss-security/2019/10/03/1","refID":""},{"source":"","link":"http://www.openwall.com/lists/oss-security/2019/10/09/3","refID":""},{"source":"","link":"http://www.openwall.com/lists/oss-security/2019/10/09/7","refID":""},{"source":"","link":"https://access.redhat.com/errata/RHBA-2019:2824","refID":""},{"source":"","link":"https://access.redhat.com/errata/RHSA-2019:2827","refID":""},{"source":"","link":"https://access.redhat.com/errata/RHSA-2019:2828","refID":""},{"source":"","link":"https://access.redhat.com/errata/RHSA-2019:2829","refID":""},{"source":"","link":"https://access.redhat.com/errata/RHSA-2019:2830","refID":""},{"source":"","link":"https://access.redhat.com/errata/RHSA-2019:2854","refID":""},{"source":"","link":"https://access.redhat.com/errata/RHSA-2019:2862","refID":""},{"source":"","link":"https://access.redhat.com/errata/RHSA-2019:2863","refID":""},{"source":"","link":"https://access.redhat.com/errata/RHSA-2019:2864","refID":""},{"source":"","link":"https://access.redhat.com/errata/RHSA-2019:2865","refID":""},{"source":"","link":"https://access.redhat.com/errata/RHSA-2019:2866","refID":""},{"source":"","link":"https://access.redhat.com/errata/RHSA-2019:2867","refID":""},{"source":"","link":"https://access.redhat.com/errata/RHSA-2019:2869","refID":""},{"source":"","link":"https://access.redhat.com/errata/RHSA-2019:2889","refID":""},{"source":"","link":"https://access.redhat.com/errata/RHSA-2019:2899","refID":""},{"source":"","link":"https://access.redhat.com/errata/RHSA-2019:2900","refID":""},{"source":"","link":"https://access.redhat.com/errata/RHSA-2019:2901","refID":""},{"source":"","link":"https://access.redhat.com/errata/RHSA-2019:2924","refID":""},{"source":"","link":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14835","refID":""},{"source":"","link":"https://lists.debian.org/debian-lts-announce/2019/09/msg00025.html","refID":""},{"source":"","link":"https://lists.debian.org/debian-lts-announce/2019/10/msg00000.html","refID":""},{"source":"","link":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KQFY6JYFIQ2VFQ7QCSXPWTUL5ZDNCJL5/","refID":""},{"source":"","link":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YW3QNMPENPFEGVTOFPSNOBL7JEIJS25P/","refID":""},{"source":"","link":"https://seclists.org/bugtraq/2019/Sep/41","refID":""},{"source":"","link":"https://usn.ubuntu.com/4135-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/4135-2/","refID":""},{"source":"","link":"https://www.debian.org/security/2019/dsa-4531","refID":""},{"source":"","link":"https://www.openwall.com/lists/oss-security/2019/09/17/1","refID":""}],"cweIDs":["CWE-120"],"published":"2019-09-17T16:15:00Z","lastModified":"2019-09-19T04:15:00Z","mitigation":""},"redhat":{"type":"redhat","cveID":"CVE-2019-14835","title":"RHSA-2019:2829: kernel security update (Important)","summary":"The kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* A buffer overflow flaw was found in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host. (CVE-2019-14835)","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"Important","cvss3Score":7.2,"cvss3Vector":"CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H","cvss3Severity":"","sourceLink":"https://access.redhat.com/security/cve/CVE-2019-14835","references":[{"source":"RHSA","link":"https://access.redhat.com/errata/RHSA-2019:2829","refID":"RHSA-2019:2829"},{"source":"CVE","link":"https://access.redhat.com/security/cve/CVE-2019-14835","refID":"CVE-2019-14835"}],"cweIDs":["CWE-120"],"published":"2019-09-20T00:00:00Z","lastModified":"2019-09-20T00:00:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2019-14835","title":"CVE-2019-14835 kernel: vhost-net: guest to host kernel escape during migration","summary":"A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host.\nA buffer overflow flaw was found in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host.","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":7.2,"cvss3Vector":"CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H","cvss3Severity":"Important","sourceLink":"https://access.redhat.com/security/cve/CVE-2019-14835","references":[{"source":"","link":"https://access.redhat.com/security/vulnerabilities/kernel-vhost\nhttps://www.openwall.com/lists/oss-security/2019/09/17/1","refID":""}],"cweIDs":["CWE-120"],"published":"2019-09-17T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":"\nFor mitigation related information, please refer to the Red Hat Knowledgebase article: https://access.redhat.com/security/vulnerabilities/kernel-vhost\n "}},"alertDict":{"ja":null,"en":null}},"CVE-2019-15211":{"cveID":"CVE-2019-15211","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"kernel","notFixedYet":true,"fixState":"Affected"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2019-15211","title":"Linux Kernel における解放済みメモリの使用に関する脆弱性","summary":"Linux Kernel には、解放済みメモリの使用に関する脆弱性が存在します。","cvss2Score":4.9,"cvss2Vector":"AV:L/AC:L/Au:N/C:N/I:N/A:C","cvss2Severity":"Medium","cvss3Score":4.6,"cvss3Vector":"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3Severity":"Medium","sourceLink":"https://jvndb.jvn.jp/ja/contents/2019/JVNDB-2019-008129.html","references":[{"source":"CVE","link":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15211","refID":""},{"source":"NVD","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-15211","refID":""},{"source":"","link":"https://cwe.mitre.org/data/definitions/416.html","refID":""}],"published":"2019-08-26T16:58:00+09:00","lastModified":"2019-08-26T16:58:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2019-15211","title":"","summary":"An issue was discovered in the Linux kernel before 5.2.6. There is a use-after-free caused by a malicious USB device in the drivers/media/v4l2-core/v4l2-dev.c driver because drivers/media/radio/radio-raremono.c does not properly allocate memory.","cvss2Score":4.9,"cvss2Vector":"AV:L/AC:L/Au:N/C:N/I:N/A:C","cvss2Severity":"MEDIUM","cvss3Score":4.6,"cvss3Vector":"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3Severity":"MEDIUM","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2019-15211","references":[{"source":"","link":"http://www.openwall.com/lists/oss-security/2019/08/20/2","refID":""},{"source":"","link":"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2.6","refID":""},{"source":"","link":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c666355e60ddb4748ead3bdd983e3f7f2224aaf0","refID":""},{"source":"","link":"https://security.netapp.com/advisory/ntap-20190905-0002/","refID":""},{"source":"","link":"https://syzkaller.appspot.com/bug?id=775f90f43cfd6f8ac6c15251ce68e604453da226","refID":""},{"source":"","link":"https://usn.ubuntu.com/4115-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/4118-1/","refID":""}],"cweIDs":["CWE-416"],"published":"2019-08-19T22:15:00Z","lastModified":"2019-09-03T00:15:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2019-15211","title":"CVE-2019-15211 kernel: use-after-free in drivers/media/v4l2-core/v4l2-dev.c","summary":"An issue was discovered in the Linux kernel before 5.2.6. There is a use-after-free caused by a malicious USB device in the drivers/media/v4l2-core/v4l2-dev.c driver because drivers/media/radio/radio-raremono.c does not properly allocate memory.","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":7.3,"cvss3Vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H","cvss3Severity":"Moderate","sourceLink":"https://access.redhat.com/security/cve/CVE-2019-15211","cweIDs":["CWE-416"],"published":"2019-08-19T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":""}},"alertDict":{"ja":null,"en":null}},"CVE-2019-15239":{"cveID":"CVE-2019-15239","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"kernel","notFixedYet":true,"fixState":"Affected"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2019-15239","title":"Linux Kernel における解放済みメモリの使用に関する脆弱性","summary":"Linux Kernel には、解放済みメモリの使用に関する脆弱性が存在します。","cvss2Score":7.2,"cvss2Vector":"AV:L/AC:L/Au:N/C:C/I:C/A:C","cvss2Severity":"High","cvss3Score":7.8,"cvss3Vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3Severity":"High","sourceLink":"https://jvndb.jvn.jp/ja/contents/2019/JVNDB-2019-008653.html","references":[{"source":"CVE","link":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15239","refID":""},{"source":"NVD","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-15239","refID":""},{"source":"","link":"https://cwe.mitre.org/data/definitions/416.html","refID":""}],"published":"2019-09-04T17:11:00+09:00","lastModified":"2019-09-04T17:11:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2019-15239","title":"","summary":"In the Linux kernel, a certain net/ipv4/tcp_output.c change, which was properly incorporated into 4.16.12, was incorrectly backported to the earlier longterm kernels, introducing a new vulnerability that was potentially more severe than the issue that was intended to be fixed by backporting. Specifically, by adding to a write queue between disconnection and re-connection, a local attacker can trigger multiple use-after-free conditions. This can result in a kernel crash, or potentially in privilege escalation. NOTE: this affects (for example) Linux distributions that use 4.9.x longterm kernels before 4.9.190 or 4.14.x longterm kernels before 4.14.139.","cvss2Score":7.2,"cvss2Vector":"AV:L/AC:L/Au:N/C:C/I:C/A:C","cvss2Severity":"HIGH","cvss3Score":7.8,"cvss3Vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3Severity":"HIGH","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2019-15239","references":[{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html","refID":""},{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html","refID":""},{"source":"","link":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7f582b248d0a86bae5788c548d7bb5bca6f7691a","refID":""},{"source":"","link":"https://lore.kernel.org/stable/41a61a2f87691d2bc839f26cdfe6f5ff2f51e472.camel@decadent.org.uk/","refID":""},{"source":"","link":"https://pulsesecurity.co.nz/advisories/linux-kernel-4.9-tcpsocketsuaf","refID":""},{"source":"","link":"https://salsa.debian.org/kernel-team/kernel-sec/blob/f6273af2d956a87296b6b60379d0a186c9be4bbc/active/CVE-2019-15239","refID":""},{"source":"","link":"https://www.debian.org/security/2019/dsa-4497","refID":""}],"cweIDs":["CWE-416"],"published":"2019-08-20T08:15:00Z","lastModified":"2019-09-24T15:15:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2019-15239","title":"CVE-2019-15239 kernel: local attacker can trigger multiple use-after-free conditions results in privilege escalation","summary":"In the Linux kernel, a certain net/ipv4/tcp_output.c change, which was properly incorporated into 4.16.12, was incorrectly backported to the earlier longterm kernels, introducing a new vulnerability that was potentially more severe than the issue that was intended to be fixed by backporting. Specifically, by adding to a write queue between disconnection and re-connection, a local attacker can trigger multiple use-after-free conditions. This can result in a kernel crash, or potentially in privilege escalation. NOTE: this affects (for example) Linux distributions that use 4.9.x longterm kernels before 4.9.190 or 4.14.x longterm kernels before 4.14.139.","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":7.4,"cvss3Vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3Severity":"Important","sourceLink":"https://access.redhat.com/security/cve/CVE-2019-15239","cweIDs":["CWE-416"],"published":"2019-08-20T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":""}},"alertDict":{"ja":null,"en":null}},"CVE-2019-1547":{"cveID":"CVE-2019-1547","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"openssl","notFixedYet":true,"fixState":"Affected"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2019-1547","title":"OpenSSL の EC グループにおけるサイドチャンネルに耐性のないコードパスにフォールバックされる脆弱性","summary":"OpenSSL の EC グループは、明示的なパラメータを使用してグループを作成する場合、co-factor が存在しないため、サイドチャンネルに耐性のないコードパスにフォールバックされ、ECDSA 署名操作中に完全なキー回復が行われる脆弱性が存在します。\n\n 影:攻撃者により、libcrypto を使用するアプリケーションで co-factor が存在しない明示的なパラメータが使用されていることで、サイドチャンネルに耐性のないコードパスにフォールバックされ、ECDSA 署名操作中に完全なキー回復が行われる可能性があります。","cvss2Score":1.9,"cvss2Vector":"AV:L/AC:M/Au:N/C:P/I:N/A:N","cvss2Severity":"Low","cvss3Score":4.7,"cvss3Vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N","cvss3Severity":"Medium","sourceLink":"https://jvndb.jvn.jp/ja/contents/2019/JVNDB-2019-009288.html","references":[{"source":"JVN","link":"https://jvn.jp/vu/JVNVU94367039/","refID":""},{"source":"CVE","link":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1547","refID":""},{"source":"NVD","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-1547","refID":""},{"source":"","link":"https://cwe.mitre.org/data/definitions/311.html","refID":""}],"published":"2019-09-18T11:05:00+09:00","lastModified":"2019-09-18T11:05:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2019-1547","title":"","summary":"Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it is possible to construct a group using explicit parameters (instead of using a named curve). In those cases it is possible that such a group does not have the cofactor present. This can occur even where all the parameters match a known named curve. If such a curve is used then OpenSSL falls back to non-side channel resistant code paths which may result in full key recovery during an ECDSA signature operation. In order to be vulnerable an attacker would have to have the ability to time the creation of a large number of signatures where explicit parameters with no co-factor present are in use by an application using libcrypto. For the avoidance of doubt libssl is not vulnerable because explicit parameters are never used. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).","cvss2Score":1.9,"cvss2Vector":"AV:L/AC:M/Au:N/C:P/I:N/A:N","cvss2Severity":"LOW","cvss3Score":0,"cvss3Vector":"","cvss3Severity":"","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2019-1547","references":[{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00054.html","refID":""},{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00072.html","refID":""},{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00012.html","refID":""},{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00016.html","refID":""},{"source":"","link":"http://packetstormsecurity.com/files/154467/Slackware-Security-Advisory-openssl-Updates.html","refID":""},{"source":"","link":"https://arxiv.org/abs/1909.01785","refID":""},{"source":"","link":"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=21c856b75d81eff61aa63b4f036bb64a85bf6d46","refID":""},{"source":"","link":"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=30c22fa8b1d840036b8e203585738df62a03cec8","refID":""},{"source":"","link":"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=7c1709c2da5414f5b6133d00a03fc8c5bf996c7a","refID":""},{"source":"","link":"https://lists.debian.org/debian-lts-announce/2019/09/msg00026.html","refID":""},{"source":"","link":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GY6SNRJP2S7Y42GIIDO3HXPNMDYN2U3A/","refID":""},{"source":"","link":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZN4VVQJ3JDCHGIHV4Y2YTXBYQZ6PWQ7E/","refID":""},{"source":"","link":"https://seclists.org/bugtraq/2019/Oct/0","refID":""},{"source":"","link":"https://seclists.org/bugtraq/2019/Oct/1","refID":""},{"source":"","link":"https://seclists.org/bugtraq/2019/Sep/25","refID":""},{"source":"","link":"https://security.netapp.com/advisory/ntap-20190919-0002/","refID":""},{"source":"","link":"https://support.f5.com/csp/article/K73422160?utm_source=f5support\u0026amp;utm_medium=RSS","refID":""},{"source":"","link":"https://www.debian.org/security/2019/dsa-4539","refID":""},{"source":"","link":"https://www.debian.org/security/2019/dsa-4540","refID":""},{"source":"","link":"https://www.openssl.org/news/secadv/20190910.txt","refID":""}],"cweIDs":["CWE-311"],"published":"2019-09-10T17:15:00Z","lastModified":"2019-09-12T16:15:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2019-1547","title":"CVE-2019-1547 openssl: side-channel weak encryption vulnerability","summary":"Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it is possible to construct a group using explicit parameters (instead of using a named curve). In those cases it is possible that such a group does not have the cofactor present. This can occur even where all the parameters match a known named curve. If such a curve is used then OpenSSL falls back to non-side channel resistant code paths which may result in full key recovery during an ECDSA signature operation. In order to be vulnerable an attacker would have to have the ability to time the creation of a large number of signatures where explicit parameters with no co-factor present are in use by an application using libcrypto. For the avoidance of doubt libssl is not vulnerable because explicit parameters are never used. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":5.5,"cvss3Vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","cvss3Severity":"Moderate","sourceLink":"https://access.redhat.com/security/cve/CVE-2019-1547","cweIDs":["CWE-602"],"published":"2019-09-10T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":""}},"alertDict":{"ja":null,"en":null}},"CVE-2019-1563":{"cveID":"CVE-2019-1563","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"openssl","notFixedYet":true,"fixState":"Affected"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2019-1563","title":"OpenSSL における CMS/PKCS7 で転送された暗号鍵を復元される脆弱性","summary":"OpenSSL には、CMS/PKCS7 で転送された暗号鍵を復元される、または RSA 公開鍵で暗号化された RSA 暗号化メッセージをすべて復号化される脆弱性が存在します。","cvss2Score":4.3,"cvss2Vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","cvss2Severity":"Medium","cvss3Score":3.7,"cvss3Vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N","cvss3Severity":"Low","sourceLink":"https://jvndb.jvn.jp/ja/contents/2019/JVNDB-2019-009181.html","references":[{"source":"JVN","link":"https://jvn.jp/vu/JVNVU94367039/","refID":""},{"source":"CVE","link":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1563","refID":""},{"source":"NVD","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-1563","refID":""},{"source":"","link":"https://cwe.mitre.org/data/definitions/311.html","refID":""}],"published":"2019-09-13T12:03:00+09:00","lastModified":"2019-09-13T12:03:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2019-1563","title":"","summary":"In situations where an attacker receives automated notification of the success or failure of a decryption attempt an attacker, after sending a very large number of messages to be decrypted, can recover a CMS/PKCS7 transported encryption key or decrypt any RSA encrypted message that was encrypted with the public RSA key, using a Bleichenbacher padding oracle attack. Applications are not affected if they use a certificate together with the private RSA key to the CMS_decrypt or PKCS7_decrypt functions to select the correct recipient info to decrypt. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).","cvss2Score":4.3,"cvss2Vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","cvss2Severity":"MEDIUM","cvss3Score":0,"cvss3Vector":"","cvss3Severity":"","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2019-1563","references":[{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00054.html","refID":""},{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00072.html","refID":""},{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00012.html","refID":""},{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00016.html","refID":""},{"source":"","link":"http://packetstormsecurity.com/files/154467/Slackware-Security-Advisory-openssl-Updates.html","refID":""},{"source":"","link":"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=08229ad838c50f644d7e928e2eef147b4308ad64","refID":""},{"source":"","link":"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=631f94db0065c78181ca9ba5546ebc8bb3884b97","refID":""},{"source":"","link":"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e21f8cf78a125cd3c8c0d1a1a6c8bb0b901f893f","refID":""},{"source":"","link":"https://lists.debian.org/debian-lts-announce/2019/09/msg00026.html","refID":""},{"source":"","link":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GY6SNRJP2S7Y42GIIDO3HXPNMDYN2U3A/","refID":""},{"source":"","link":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZN4VVQJ3JDCHGIHV4Y2YTXBYQZ6PWQ7E/","refID":""},{"source":"","link":"https://seclists.org/bugtraq/2019/Oct/0","refID":""},{"source":"","link":"https://seclists.org/bugtraq/2019/Oct/1","refID":""},{"source":"","link":"https://seclists.org/bugtraq/2019/Sep/25","refID":""},{"source":"","link":"https://security.netapp.com/advisory/ntap-20190919-0002/","refID":""},{"source":"","link":"https://support.f5.com/csp/article/K97324400?utm_source=f5support\u0026amp;utm_medium=RSS","refID":""},{"source":"","link":"https://www.debian.org/security/2019/dsa-4539","refID":""},{"source":"","link":"https://www.debian.org/security/2019/dsa-4540","refID":""},{"source":"","link":"https://www.openssl.org/news/secadv/20190910.txt","refID":""}],"cweIDs":["CWE-311"],"published":"2019-09-10T17:15:00Z","lastModified":"2019-09-12T11:15:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2019-1563","title":"CVE-2019-1563 openssl: information disclosure in PKCS7_dataDecode and CMS_decrypt_set1_pkey","summary":"In situations where an attacker receives automated notification of the success or failure of a decryption attempt an attacker, after sending a very large number of messages to be decrypted, can recover a CMS/PKCS7 transported encryption key or decrypt any RSA encrypted message that was encrypted with the public RSA key, using a Bleichenbacher padding oracle attack. Applications are not affected if they use a certificate together with the private RSA key to the CMS_decrypt or PKCS7_decrypt functions to select the correct recipient info to decrypt. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":3.7,"cvss3Vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N","cvss3Severity":"Low","sourceLink":"https://access.redhat.com/security/cve/CVE-2019-1563","cweIDs":["CWE-200"],"published":"2019-09-10T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":""}},"alertDict":{"ja":null,"en":null}},"CVE-2019-15903":{"cveID":"CVE-2019-15903","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"expat","notFixedYet":true,"fixState":"Affected"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2019-15903","title":"libexpat における XML 外部エンティティの脆弱性","summary":"libexpat には、XML 外部エンティティの脆弱性が存在します。","cvss2Score":5,"cvss2Vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","cvss2Severity":"Medium","cvss3Score":7.5,"cvss3Vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3Severity":"High","sourceLink":"https://jvndb.jvn.jp/ja/contents/2019/JVNDB-2019-008876.html","references":[{"source":"CVE","link":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15903","refID":""},{"source":"NVD","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-15903","refID":""},{"source":"","link":"https://cwe.mitre.org/data/definitions/611.html","refID":""}],"published":"2019-09-09T11:54:00+09:00","lastModified":"2019-09-09T11:54:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2019-15903","title":"","summary":"In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read.","cvss2Score":5,"cvss2Vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","cvss2Severity":"MEDIUM","cvss3Score":7.5,"cvss3Vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3Severity":"HIGH","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2019-15903","references":[{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00080.html","refID":""},{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00081.html","refID":""},{"source":"","link":"http://packetstormsecurity.com/files/154503/Slackware-Security-Advisory-expat-Updates.html","refID":""},{"source":"","link":"https://github.com/libexpat/libexpat/commit/c20b758c332d9a13afbbb276d30db1d183a85d43","refID":""},{"source":"","link":"https://github.com/libexpat/libexpat/issues/317","refID":""},{"source":"","link":"https://github.com/libexpat/libexpat/issues/342","refID":""},{"source":"","link":"https://github.com/libexpat/libexpat/pull/318","refID":""},{"source":"","link":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A4TZKPJFTURRLXIGLB34WVKQ5HGY6JJA/","refID":""},{"source":"","link":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BDUTI5TVQWIGGQXPEVI4T2ENHFSBMIBP/","refID":""},{"source":"","link":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S26LGXXQ7YF2BP3RGOWELBFKM6BHF6UG/","refID":""},{"source":"","link":"https://seclists.org/bugtraq/2019/Sep/30","refID":""},{"source":"","link":"https://seclists.org/bugtraq/2019/Sep/37","refID":""},{"source":"","link":"https://security.netapp.com/advisory/ntap-20190926-0004/","refID":""},{"source":"","link":"https://usn.ubuntu.com/4132-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/4132-2/","refID":""},{"source":"","link":"https://www.debian.org/security/2019/dsa-4530","refID":""}],"cweIDs":["CWE-611"],"published":"2019-09-04T06:15:00Z","lastModified":"2019-09-12T21:15:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2019-15903","title":"CVE-2019-15903 expat: heap-based buffer over-read via crafted XML input","summary":"In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read.","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":5.5,"cvss3Vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3Severity":"Low","sourceLink":"https://access.redhat.com/security/cve/CVE-2019-15903","cweIDs":["CWE-122","CWE-125"],"published":"2019-09-04T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":""}},"alertDict":{"ja":null,"en":null}},"CVE-2019-15916":{"cveID":"CVE-2019-15916","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"kernel","notFixedYet":true,"fixState":"Affected"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2019-15916","title":"Linux Kernel におけるバッファエラーの脆弱性","summary":"Linux Kernel には、バッファエラーの脆弱性が存在します。","cvss2Score":7.8,"cvss2Vector":"AV:N/AC:L/Au:N/C:N/I:N/A:C","cvss2Severity":"High","cvss3Score":7.5,"cvss3Vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3Severity":"High","sourceLink":"https://jvndb.jvn.jp/ja/contents/2019/JVNDB-2019-008872.html","references":[{"source":"CVE","link":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15916","refID":""},{"source":"NVD","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-15916","refID":""},{"source":"","link":"https://jvndb.jvn.jp/ja/cwe/CWE-119.html","refID":""}],"published":"2019-09-09T11:32:00+09:00","lastModified":"2019-09-09T11:32:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2019-15916","title":"","summary":"An issue was discovered in the Linux kernel before 5.0.1. There is a memory leak in register_queue_kobjects() in net/core/net-sysfs.c, which will cause denial of service.","cvss2Score":7.8,"cvss2Vector":"AV:N/AC:L/Au:N/C:N/I:N/A:C","cvss2Severity":"HIGH","cvss3Score":7.5,"cvss3Vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3Severity":"HIGH","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2019-15916","references":[{"source":"","link":"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.1","refID":""},{"source":"","link":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=895a5e96dbd6386c8e78e5b78e067dcc67b7f0ab","refID":""},{"source":"","link":"https://security.netapp.com/advisory/ntap-20191004-0001/","refID":""}],"cweIDs":["CWE-119"],"published":"2019-09-04T15:15:00Z","lastModified":"2019-10-04T09:15:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2019-15916","title":"CVE-2019-15916 kernel: memory leak in register_queue_kobjects() in net/core/net-sysfs.c leads to denial of service","summary":"An issue was discovered in the Linux kernel before 5.0.1. There is a memory leak in register_queue_kobjects() in net/core/net-sysfs.c, which will cause denial of service.\nA flaw that allowed an attacker to leak kernel memory was found in the network subsystem where an attacker with permissions to create tun/tap devices can create a denial of service and panic the system.","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":5.5,"cvss3Vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3Severity":"Moderate","sourceLink":"https://access.redhat.com/security/cve/CVE-2019-15916","cweIDs":["CWE-400"],"published":"2019-09-04T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":""}},"alertDict":{"ja":null,"en":null}},"CVE-2019-16056":{"cveID":"CVE-2019-16056","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"python","notFixedYet":true,"fixState":"Affected"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2019-16056","title":"Python における入力確認に関する脆弱性","summary":"Python には、入力確認に関する脆弱性が存在します。\n\n本脆弱性は、CVE-2019-11340 と同様の脆弱性です。","cvss2Score":5,"cvss2Vector":"AV:N/AC:L/Au:N/C:P/I:N/A:N","cvss2Severity":"Medium","cvss3Score":7.5,"cvss3Vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","cvss3Severity":"High","sourceLink":"https://jvndb.jvn.jp/ja/contents/2019/JVNDB-2019-009053.html","references":[{"source":"CVE","link":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16056","refID":""},{"source":"NVD","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-16056","refID":""},{"source":"","link":"https://jvndb.jvn.jp/ja/cwe/CWE-20.html","refID":""}],"published":"2019-09-11T17:27:00+09:00","lastModified":"2019-09-11T17:27:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2019-16056","title":"","summary":"An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email module wrongly parses email addresses that contain multiple @ characters. An application that uses the email module and implements some kind of checks on the From/To headers of a message could be tricked into accepting an email address that should be denied. An attack may be the same as in CVE-2019-11340; however, this CVE applies to Python more generally.","cvss2Score":5,"cvss2Vector":"AV:N/AC:L/Au:N/C:P/I:N/A:N","cvss2Severity":"MEDIUM","cvss3Score":0,"cvss3Vector":"","cvss3Severity":"","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2019-16056","references":[{"source":"","link":"https://bugs.python.org/issue34155","refID":""},{"source":"","link":"https://github.com/python/cpython/commit/8cb65d1381b027f0b09ee36bfed7f35bb4dec9a9","refID":""},{"source":"","link":"https://lists.debian.org/debian-lts-announce/2019/09/msg00018.html","refID":""},{"source":"","link":"https://lists.debian.org/debian-lts-announce/2019/09/msg00019.html","refID":""},{"source":"","link":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E2HP37NUVLQSBW3J735A2DQDOZ4ZGBLY/","refID":""},{"source":"","link":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ER6LONC2B2WYIO56GBQUDU6QTWZDPUNQ/","refID":""},{"source":"","link":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K4KZEFP6E4YPYB52AF4WXCUDSGQOTF37/","refID":""},{"source":"","link":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NF3DRDGMVIRYNZMSLJIHNW47HOUQYXVG/","refID":""},{"source":"","link":"https://security.netapp.com/advisory/ntap-20190926-0005/","refID":""},{"source":"","link":"https://usn.ubuntu.com/4151-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/4151-2/","refID":""}],"cweIDs":["CWE-20"],"published":"2019-09-06T18:15:00Z","lastModified":"2019-09-11T05:15:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2019-16056","title":"CVE-2019-16056 python: email.utils.parseaddr wrongly parses email addresses","summary":"An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email module wrongly parses email addresses that contain multiple @ characters. An application that uses the email module and implements some kind of checks on the From/To headers of a message could be tricked into accepting an email address that should be denied. An attack may be the same as in CVE-2019-11340; however, this CVE applies to Python more generally.","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":7.3,"cvss3Vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3Severity":"Moderate","sourceLink":"https://access.redhat.com/security/cve/CVE-2019-16056","cweIDs":["CWE-20"],"published":"2018-07-19T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":""}},"alertDict":{"ja":null,"en":null}},"CVE-2019-3842":{"cveID":"CVE-2019-3842","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"systemd","notFixedYet":true,"fixState":"Affected"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2019-3842","title":"systemd における認可・権限・アクセス制御に関する脆弱性","summary":"systemd には、認可・権限・アクセス制御に関する脆弱性が存在します。","cvss2Score":4.4,"cvss2Vector":"AV:L/AC:M/Au:N/C:P/I:P/A:P","cvss2Severity":"Medium","cvss3Score":7,"cvss3Vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3Severity":"High","sourceLink":"https://jvndb.jvn.jp/ja/contents/2019/JVNDB-2019-003372.html","references":[{"source":"CVE","link":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3842","refID":""},{"source":"NVD","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-3842","refID":""},{"source":"関連文書","link":"http://packetstormsecurity.com/files/152610/systemd-Seat-Verification-Active-Session-Spoofing.html","refID":""},{"source":"","link":"https://jvndb.jvn.jp/ja/cwe/CWE-264.html","refID":""}],"published":"2019-05-15T17:52:00+09:00","lastModified":"2019-05-15T17:52:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2019-3842","title":"","summary":"In systemd before v242-rc4, it was discovered that pam_systemd does not properly sanitize the environment before using the XDG_SEAT variable. It is possible for an attacker, in some particular configurations, to set a XDG_SEAT environment variable which allows for commands to be checked against polkit policies using the \"allow_active\" element rather than \"allow_any\".","cvss2Score":4.4,"cvss2Vector":"AV:L/AC:M/Au:N/C:P/I:P/A:P","cvss2Severity":"MEDIUM","cvss3Score":7,"cvss3Vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3Severity":"HIGH","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2019-3842","references":[{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00062.html","refID":""},{"source":"","link":"http://packetstormsecurity.com/files/152610/systemd-Seat-Verification-Active-Session-Spoofing.html","refID":""},{"source":"","link":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3842","refID":""},{"source":"","link":"https://lists.debian.org/debian-lts-announce/2019/04/msg00022.html","refID":""},{"source":"","link":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/STR36RJE4ZZIORMDXRERVBHMPRNRTHAC/","refID":""},{"source":"","link":"https://www.exploit-db.com/exploits/46743/","refID":""}],"cweIDs":["CWE-264"],"published":"2019-04-09T21:29:00Z","lastModified":"2019-05-28T00:29:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2019-3842","title":"CVE-2019-3842 systemd: Spoofing of XDG_SEAT allows for actions to be checked against \"allow_active\" instead of \"allow_any\"","summary":"In systemd before v242-rc4, it was discovered that pam_systemd does not properly sanitize the environment before using the XDG_SEAT variable. It is possible for an attacker, in some particular configurations, to set a XDG_SEAT environment variable which allows for commands to be checked against polkit policies using the \"allow_active\" element rather than \"allow_any\".\nIt was discovered that pam_systemd does not properly sanitize the environment before using the XDG_SEAT variable. It is possible for an attacker, in some particular configurations, to set a XDG_SEAT environment variable which allows for commands to be checked against polkit policies using the \"allow_active\" element rather than \"allow_any\".","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":4.5,"cvss3Vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L","cvss3Severity":"Moderate","sourceLink":"https://access.redhat.com/security/cve/CVE-2019-3842","cweIDs":["CWE-285"],"published":"2019-04-08T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":""}},"exploits":[{"exploitType":"OffensiveSecurity","id":"46743","url":"https://www.exploit-db.com/exploits/46743","description":"systemd - Lack of Seat Verification in PAM Module Permits Spoofing Active Session to polkit","documentURL":"https://github.com/offensive-security/exploitdb/exploits/linux/dos/46743.txt"}],"alertDict":{"ja":null,"en":null}},"CVE-2019-3846":{"cveID":"CVE-2019-3846","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"kernel","notFixedYet":true,"fixState":"Affected"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2019-3846","title":"Linux Kernel におけるバッファエラーの脆弱性","summary":"Linux Kernel には、バッファエラーの脆弱性が存在します。","cvss2Score":8.3,"cvss2Vector":"AV:A/AC:L/Au:N/C:C/I:C/A:C","cvss2Severity":"High","cvss3Score":8.8,"cvss3Vector":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3Severity":"High","sourceLink":"https://jvndb.jvn.jp/ja/contents/2019/JVNDB-2019-005118.html","references":[{"source":"CVE","link":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3846","refID":""},{"source":"NVD","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-3846","refID":""},{"source":"関連文書","link":"https://seclists.org/oss-sec/2019/q2/133","refID":""},{"source":"","link":"https://jvndb.jvn.jp/ja/cwe/CWE-119.html","refID":""}],"published":"2019-06-17T15:18:00+09:00","lastModified":"2019-06-17T15:18:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2019-3846","title":"","summary":"A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network.","cvss2Score":8.3,"cvss2Vector":"AV:A/AC:L/Au:N/C:C/I:C/A:C","cvss2Severity":"HIGH","cvss3Score":8.8,"cvss3Vector":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3Severity":"HIGH","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2019-3846","references":[{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00039.html","refID":""},{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00040.html","refID":""},{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00048.html","refID":""},{"source":"","link":"http://packetstormsecurity.com/files/153702/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html","refID":""},{"source":"","link":"http://packetstormsecurity.com/files/154245/Kernel-Live-Patch-Security-Notice-LSN-0054-1.html","refID":""},{"source":"","link":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3846","refID":""},{"source":"","link":"https://lists.debian.org/debian-lts-announce/2019/06/msg00010.html","refID":""},{"source":"","link":"https://lists.debian.org/debian-lts-announce/2019/06/msg00011.html","refID":""},{"source":"","link":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J36BIJTKEPUOZKJNHQBUZA47RQONUKOI/","refID":""},{"source":"","link":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KLGWJKLMTBBB53D5QLS4HOY2EH246WBE/","refID":""},{"source":"","link":"https://seclists.org/bugtraq/2019/Jul/33","refID":""},{"source":"","link":"https://seclists.org/bugtraq/2019/Jun/26","refID":""},{"source":"","link":"https://seclists.org/oss-sec/2019/q2/133","refID":""},{"source":"","link":"https://security.netapp.com/advisory/ntap-20190710-0002/","refID":""},{"source":"","link":"https://usn.ubuntu.com/4093-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/4094-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/4095-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/4095-2/","refID":""},{"source":"","link":"https://usn.ubuntu.com/4117-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/4118-1/","refID":""},{"source":"","link":"https://www.debian.org/security/2019/dsa-4465","refID":""}],"cweIDs":["CWE-119"],"published":"2019-06-03T19:29:00Z","lastModified":"2019-06-10T03:29:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2019-3846","title":"CVE-2019-3846 kernel: Heap overflow in mwifiex_update_bss_desc_with_ie function in marvell/mwifiex/scan.c","summary":"A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network.\nA flaw was found in the Linux kernel's Marvell wifi chip driver. A heap overflow in mwifiex_update_bss_desc_with_ie function in marvell/mwifiex/scan.c allows remote attackers to cause a denial of service(system crash) or execute arbitrary code.","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":8,"cvss3Vector":"CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3Severity":"Important","sourceLink":"https://access.redhat.com/security/cve/CVE-2019-3846","references":[{"source":"","link":"https://seclists.org/oss-sec/2019/q2/133","refID":""}],"cweIDs":["CWE-122"],"published":"2019-05-30T12:53:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":"\nThis flaw requires a system with marvell wifi network card to be attempting to connect to a attacker controlled wifi network. A temporary mitigation may be to only connect to known-good networks via wifi, or connect to a network via ethernet. Alternatively if wireless networking is not used the mwifiex kernel module can be blacklisted to prevent misuse of the vulnerable code.\n "}},"alertDict":{"ja":null,"en":null}},"CVE-2019-3874":{"cveID":"CVE-2019-3874","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"kernel","notFixedYet":true,"fixState":"Affected"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2019-3874","title":"Linux Kernel におけるバッファエラーの脆弱性","summary":"Linux Kernel には、バッファエラーの脆弱性が存在します。\n","cvss2Score":3.3,"cvss2Vector":"AV:A/AC:L/Au:N/C:N/I:N/A:P","cvss2Severity":"Low","cvss3Score":6.5,"cvss3Vector":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3Severity":"Medium","sourceLink":"https://jvndb.jvn.jp/ja/contents/2019/JVNDB-2019-003088.html","references":[{"source":"CVE","link":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3874","refID":""},{"source":"NVD","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-3874","refID":""},{"source":"関連文書","link":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3874","refID":""},{"source":"","link":"https://jvndb.jvn.jp/ja/cwe/CWE-119.html","refID":""}],"published":"2019-05-09T12:32:00+09:00","lastModified":"2019-05-09T12:32:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2019-3874","title":"","summary":"The SCTP socket buffer used by a userspace application is not accounted by the cgroups subsystem. An attacker can use this flaw to cause a denial of service attack. Kernel 3.10.x and 4.18.x branches are believed to be vulnerable.","cvss2Score":3.3,"cvss2Vector":"AV:A/AC:L/Au:N/C:N/I:N/A:P","cvss2Severity":"LOW","cvss3Score":6.5,"cvss3Vector":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3Severity":"MEDIUM","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2019-3874","references":[{"source":"","link":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3874","refID":""},{"source":"","link":"https://security.netapp.com/advisory/ntap-20190411-0003/","refID":""},{"source":"","link":"https://usn.ubuntu.com/3979-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/3980-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/3980-2/","refID":""},{"source":"","link":"https://usn.ubuntu.com/3981-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/3981-2/","refID":""},{"source":"","link":"https://usn.ubuntu.com/3982-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/3982-2/","refID":""}],"cweIDs":["CWE-119"],"published":"2019-03-25T19:29:00Z","lastModified":"2019-05-29T00:29:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2019-3874","title":"CVE-2019-3874 kernel: SCTP socket buffer memory leak leading to denial of service","summary":"The SCTP socket buffer used by a userspace application is not accounted by the cgroups subsystem. An attacker can use this flaw to cause a denial of service attack. Kernel 3.10.x and 4.18.x branches are believed to be vulnerable.\nThe SCTP socket buffer used by a userspace application is not accounted by the cgroups subsystem. An attacker can use this flaw to cause a denial of service attack.","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":5.3,"cvss3Vector":"CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3Severity":"Moderate","sourceLink":"https://access.redhat.com/security/cve/CVE-2019-3874","references":[{"source":"","link":"https://lore.kernel.org/netdev/20190401113110.GA20717@hmswarspite.think-freely.org/T/#u\nhttps://discuss.kubernetes.io/t/kubernetes-security-announcement-linux-kernel-memory-cgroups-escape-via-sctp-cve-2019-3874/5594","refID":""}],"cweIDs":["CWE-400"],"published":"2019-03-19T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":"\nSELinux prevents a bind of the SCTP socket by a non-root user. \n\nTo mitigate this issue if not using SELinux, or if a Security Context Constraint allows running pods as the root user the 'sctp' module should be blacklisted. Please this this Knowledge Base article for more information on how to blacklist a kernel module. https://access.redhat.com/solutions/41278\n "}},"alertDict":{"ja":null,"en":null}},"CVE-2019-3892":{"cveID":"CVE-2019-3892","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"kernel","notFixedYet":true,"fixState":"Affected"}],"cveContents":{"nvd":{"type":"nvd","cveID":"CVE-2019-3892","title":"","summary":"** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2019-11599. Reason: This candidate is a reservation duplicate of CVE-2019-11599. Notes: All CVE users should reference CVE-2019-11599 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":0,"cvss3Vector":"","cvss3Severity":"","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2019-3892","published":"2019-04-30T07:15:00Z","lastModified":"2019-04-30T07:15:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2019-3892","title":"CVE-2019-3892 kernel: fix race condition between mmget_not_zero()/get_task_mm() and core dumping","summary":"** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2019-11599. Reason: This candidate is a reservation duplicate of CVE-2019-11599. Notes: All CVE users should reference CVE-2019-11599 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.\nA race condition was found between between mmget_not_zero()/get_task_mm() when core dumping tasks. A local attacker is able to exploit race condition where locking of semaphore would allow an attacker to leak kernel memory to userspace.","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":3.3,"cvss3Vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","cvss3Severity":"Moderate","sourceLink":"https://access.redhat.com/security/cve/CVE-2019-3892","cweIDs":["CWE-667"],"published":"2019-04-04T02:55:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":""}},"alertDict":{"ja":null,"en":null}},"CVE-2019-5436":{"cveID":"CVE-2019-5436","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"curl","notFixedYet":true,"fixState":"Affected"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2019-5436","title":"libcurl におけるバッファエラーの脆弱性","summary":"libcurl には、バッファエラーの脆弱性が存在します。","cvss2Score":4.6,"cvss2Vector":"AV:L/AC:L/Au:N/C:P/I:P/A:P","cvss2Severity":"Medium","cvss3Score":7.8,"cvss3Vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3Severity":"High","sourceLink":"https://jvndb.jvn.jp/ja/contents/2019/JVNDB-2019-004875.html","references":[{"source":"CVE","link":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5436","refID":""},{"source":"NVD","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-5436","refID":""},{"source":"","link":"https://jvndb.jvn.jp/ja/cwe/CWE-119.html","refID":""}],"published":"2019-06-11T14:56:00+09:00","lastModified":"2019-06-11T14:56:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2019-5436","title":"","summary":"A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl versions 7.19.4 through 7.64.1.","cvss2Score":4.6,"cvss2Vector":"AV:L/AC:L/Au:N/C:P/I:P/A:P","cvss2Severity":"MEDIUM","cvss3Score":7.8,"cvss3Vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3Severity":"HIGH","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2019-5436","references":[{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00008.html","refID":""},{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00017.html","refID":""},{"source":"","link":"https://curl.haxx.se/docs/CVE-2019-5436.html","refID":""},{"source":"","link":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SMG3V4VTX2SE3EW3HQTN3DDLQBTORQC2/","refID":""},{"source":"","link":"https://security.netapp.com/advisory/ntap-20190606-0004/","refID":""},{"source":"","link":"https://support.f5.com/csp/article/K55133295","refID":""}],"cweIDs":["CWE-119"],"published":"2019-05-28T19:29:00Z","lastModified":"2019-06-09T05:29:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2019-5436","title":"CVE-2019-5436 curl: TFTP receive heap buffer overflow in tftp_receive_packet() function","summary":"A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl versions 7.19.4 through 7.64.1.","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":5.5,"cvss3Vector":"CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3Severity":"Low","sourceLink":"https://access.redhat.com/security/cve/CVE-2019-5436","cweIDs":["CWE-122"],"published":"2019-05-22T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":""}},"alertDict":{"ja":null,"en":null}},"CVE-2019-5482":{"cveID":"CVE-2019-5482","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"curl","notFixedYet":true,"fixState":"Affected"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2019-5482","title":"cURL における古典的バッファオーバーフローの脆弱性","summary":"cURL には、古典的バッファオーバーフローの脆弱性が存在します。","cvss2Score":7.5,"cvss2Vector":"AV:N/AC:L/Au:N/C:P/I:P/A:P","cvss2Severity":"High","cvss3Score":9.8,"cvss3Vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3Severity":"Critical","sourceLink":"https://jvndb.jvn.jp/ja/contents/2019/JVNDB-2019-009397.html","references":[{"source":"CVE","link":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5482","refID":""},{"source":"NVD","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-5482","refID":""},{"source":"","link":"https://cwe.mitre.org/data/definitions/120.html","refID":""}],"published":"2019-09-19T17:25:00+09:00","lastModified":"2019-09-19T17:25:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2019-5482","title":"","summary":"Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3.","cvss2Score":7.5,"cvss2Vector":"AV:N/AC:L/Au:N/C:P/I:P/A:P","cvss2Severity":"HIGH","cvss3Score":0,"cvss3Vector":"","cvss3Severity":"","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2019-5482","references":[{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00048.html","refID":""},{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00055.html","refID":""},{"source":"","link":"https://curl.haxx.se/docs/CVE-2019-5482.html","refID":""},{"source":"","link":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6CI4QQ2RSZX4VCFM76SIWGKY6BY7UWIC/","refID":""},{"source":"","link":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGDVKSLY5JUNJRLYRUA6CXGQ2LM63XC3/","refID":""},{"source":"","link":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UA7KDM2WPM5CJDDGOEGFV6SSGD2J7RNT/","refID":""},{"source":"","link":"https://security.netapp.com/advisory/ntap-20191004-0003/","refID":""}],"cweIDs":["CWE-120"],"published":"2019-09-16T19:15:00Z","lastModified":"2019-09-18T00:15:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2019-5482","title":"CVE-2019-5482 curl: heap buffer overflow in function tftp_receive_packet()","summary":"Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3.","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":6.3,"cvss3Vector":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3Severity":"Moderate","sourceLink":"https://access.redhat.com/security/cve/CVE-2019-5482","references":[{"source":"","link":"https://curl.haxx.se/docs/CVE-2019-5482.html","refID":""}],"cweIDs":["CWE-122"],"published":"2019-09-11T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":"\nDo not use TFTP with curl with smaller than the default BLKSIZE.\n "}},"alertDict":{"ja":null,"en":null}},"CVE-2019-5827":{"cveID":"CVE-2019-5827","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"sqlite","notFixedYet":true,"fixState":"Affected"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2019-5827","title":"Google Chrome における整数オーバーフローの脆弱性","summary":"Google Chrome には、整数オーバーフローの脆弱性が存在します。","cvss2Score":6.8,"cvss2Vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","cvss2Severity":"Medium","cvss3Score":8.8,"cvss3Vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3Severity":"High","sourceLink":"https://jvndb.jvn.jp/ja/contents/2019/JVNDB-2019-005835.html","references":[{"source":"CVE","link":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5827","refID":""},{"source":"NVD","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-5827","refID":""},{"source":"","link":"https://cwe.mitre.org/data/definitions/190.html","refID":""}],"published":"2019-07-02T14:00:00+09:00","lastModified":"2019-07-02T14:00:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2019-5827","title":"","summary":"Integer overflow in SQLite via WebSQL in Google Chrome prior to 74.0.3729.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.","cvss2Score":6.8,"cvss2Vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","cvss2Severity":"MEDIUM","cvss3Score":8.8,"cvss3Vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3Severity":"HIGH","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2019-5827","references":[{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html","refID":""},{"source":"","link":"https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_30.html","refID":""},{"source":"","link":"https://crbug.com/952406","refID":""},{"source":"","link":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/","refID":""},{"source":"","link":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/","refID":""},{"source":"","link":"https://seclists.org/bugtraq/2019/Aug/19","refID":""},{"source":"","link":"https://www.debian.org/security/2019/dsa-4500","refID":""}],"cweIDs":["CWE-190"],"published":"2019-06-27T17:15:00Z","lastModified":"2019-07-25T04:15:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2019-5827","title":"CVE-2019-5827 chromium-browser: out-of-bounds access in SQLite","summary":"Integer overflow in SQLite via WebSQL in Google Chrome prior to 74.0.3729.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":8.8,"cvss3Vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3Severity":"Important","sourceLink":"https://access.redhat.com/security/cve/CVE-2019-5827","references":[{"source":"","link":"https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_30.html","refID":""}],"cweIDs":["CWE-125"],"published":"2019-04-30T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":""}},"alertDict":{"ja":null,"en":null}},"CVE-2019-6109":{"cveID":"CVE-2019-6109","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"openssh","notFixedYet":true,"fixState":"Affected"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2019-6109","title":"OpenSSH におけるアクセス制御に関する脆弱性","summary":"OpenSSH には、アクセス制御に関する脆弱性が存在します。","cvss2Score":4,"cvss2Vector":"AV:N/AC:H/Au:N/C:P/I:P/A:N","cvss2Severity":"Medium","cvss3Score":6.8,"cvss3Vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N","cvss3Severity":"Medium","sourceLink":"https://jvndb.jvn.jp/ja/contents/2019/JVNDB-2019-001217.html","references":[{"source":"CVE","link":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6109","refID":""},{"source":"NVD","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-6109","refID":""},{"source":"","link":"https://cwe.mitre.org/data/definitions/284.html","refID":""}],"published":"2019-02-14T14:42:00+09:00","lastModified":"2019-02-14T14:42:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2019-6109","title":"","summary":"An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server (or Man-in-The-Middle attacker) can employ crafted object names to manipulate the client output, e.g., by using ANSI control codes to hide additional files being transferred. This affects refresh_progress_meter() in progressmeter.c.","cvss2Score":4,"cvss2Vector":"AV:N/AC:H/Au:N/C:P/I:P/A:N","cvss2Severity":"MEDIUM","cvss3Score":6.8,"cvss3Vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N","cvss3Severity":"MEDIUM","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2019-6109","references":[{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00058.html","refID":""},{"source":"","link":"https://cvsweb.openbsd.org/src/usr.bin/ssh/progressmeter.c","refID":""},{"source":"","link":"https://cvsweb.openbsd.org/src/usr.bin/ssh/scp.c","refID":""},{"source":"","link":"https://lists.debian.org/debian-lts-announce/2019/03/msg00030.html","refID":""},{"source":"","link":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W3YVQ2BPTOVDCFDVNC2GGF5P5ISFG37G/","refID":""},{"source":"","link":"https://security.gentoo.org/glsa/201903-16","refID":""},{"source":"","link":"https://security.netapp.com/advisory/ntap-20190213-0001/","refID":""},{"source":"","link":"https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt","refID":""},{"source":"","link":"https://usn.ubuntu.com/3885-1/","refID":""},{"source":"","link":"https://www.debian.org/security/2019/dsa-4387","refID":""}],"cweIDs":["CWE-284"],"published":"2019-01-31T18:29:00Z","lastModified":"2019-05-04T02:29:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2019-6109","title":"CVE-2019-6109 openssh: Missing character encoding in progress display allows for spoofing of scp client output","summary":"An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server (or Man-in-The-Middle attacker) can employ crafted object names to manipulate the client output, e.g., by using ANSI control codes to hide additional files being transferred. This affects refresh_progress_meter() in progressmeter.c.","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":3.1,"cvss3Vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N","cvss3Severity":"Low","sourceLink":"https://access.redhat.com/security/cve/CVE-2019-6109","references":[{"source":"","link":"https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt","refID":""}],"cweIDs":["CWE-451"],"published":"2018-11-16T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":"\nThis issue only affects the users of scp binary which is a part of openssh-clients package. Other usage of SSH protocol or other ssh clients is not affected. Administrators can uninstall openssh-clients for additional protection against accidental usage of this binary. Removing the openssh-clients package will make binaries like scp and ssh etc unavailable on that system.\n\nNote: To exploit this flaw, the victim needs to connect to a malicious SSH server or MITM (Man-in-the-middle) the scp connection, both of which can be detected by the system administrator via a change in the host key of the SSH server. Further, if connections via scp are made to only trusted SSH servers, then those use-cases are not vulnerable to this security flaw.\n "}},"alertDict":{"ja":null,"en":null}},"CVE-2019-6110":{"cveID":"CVE-2019-6110","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"openssh","notFixedYet":true,"fixState":"Affected"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2019-6110","title":"OpenSSH におけるアクセス制御に関する脆弱性","summary":"OpenSSH には、アクセス制御に関する脆弱性が存在します。","cvss2Score":4,"cvss2Vector":"AV:N/AC:H/Au:N/C:P/I:P/A:N","cvss2Severity":"Medium","cvss3Score":6.8,"cvss3Vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N","cvss3Severity":"Medium","sourceLink":"https://jvndb.jvn.jp/ja/contents/2019/JVNDB-2019-001595.html","references":[{"source":"CVE","link":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6110","refID":""},{"source":"NVD","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-6110","refID":""},{"source":"","link":"https://cwe.mitre.org/data/definitions/284.html","refID":""}],"published":"2019-03-15T16:11:00+09:00","lastModified":"2019-03-15T16:11:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2019-6110","title":"","summary":"In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server (or Man-in-The-Middle attacker) can manipulate the client output, for example to use ANSI control codes to hide additional files being transferred.","cvss2Score":4,"cvss2Vector":"AV:N/AC:H/Au:N/C:P/I:P/A:N","cvss2Severity":"MEDIUM","cvss3Score":6.8,"cvss3Vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N","cvss3Severity":"MEDIUM","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2019-6110","references":[{"source":"","link":"https://cvsweb.openbsd.org/src/usr.bin/ssh/progressmeter.c","refID":""},{"source":"","link":"https://cvsweb.openbsd.org/src/usr.bin/ssh/scp.c","refID":""},{"source":"","link":"https://security.gentoo.org/glsa/201903-16","refID":""},{"source":"","link":"https://security.netapp.com/advisory/ntap-20190213-0001/","refID":""},{"source":"","link":"https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt","refID":""},{"source":"","link":"https://www.exploit-db.com/exploits/46193/","refID":""}],"cweIDs":["CWE-284"],"published":"2019-01-31T18:29:00Z","lastModified":"2019-04-18T15:27:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2019-6110","title":"CVE-2019-6110 openssh: Acceptance and display of arbitrary stderr allows for spoofing of scp client output","summary":"In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server (or Man-in-The-Middle attacker) can manipulate the client output, for example to use ANSI control codes to hide additional files being transferred.","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":3.1,"cvss3Vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N","cvss3Severity":"Low","sourceLink":"https://access.redhat.com/security/cve/CVE-2019-6110","references":[{"source":"","link":"https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt","refID":""}],"cweIDs":["CWE-451"],"published":"2018-11-16T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":"\nThis issue only affects the users of scp binary which is a part of openssh-clients package. Other usage of SSH protocol or other ssh clients is not affected. Administrators can uninstall openssh-clients for additional protection against accidental usage of this binary. Removing the openssh-clients package will make binaries like scp and ssh etc unavailable on that system.\n\nNote: To exploit this flaw, the victim needs to connect to a malicious SSH server or MITM (Man-in-the-middle) the scp connection, both of which can be detected by the system administrator via a change in the host key of the SSH server. Further, if connections via scp are made to only trusted SSH servers, then those use-cases are not vulnerable to this security flaw.\n "}},"exploits":[{"exploitType":"OffensiveSecurity","id":"46193","url":"https://www.exploit-db.com/exploits/46193","description":"SCP Client - Multiple Vulnerabilities (SSHtranger Things)","documentURL":"https://github.com/offensive-security/exploitdb/exploits/multiple/remote/46193.py"}],"alertDict":{"ja":null,"en":null}},"CVE-2019-8457":{"cveID":"CVE-2019-8457","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"sqlite","notFixedYet":true,"fixState":"Affected"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2019-8457","title":"SQLite3 における境界外読み取りに関する脆弱性","summary":"SQLite3 には、境界外読み取りに関する脆弱性が存在します。","cvss2Score":7.5,"cvss2Vector":"AV:N/AC:L/Au:N/C:P/I:P/A:P","cvss2Severity":"High","cvss3Score":9.8,"cvss3Vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3Severity":"Critical","sourceLink":"https://jvndb.jvn.jp/ja/contents/2019/JVNDB-2019-004920.html","references":[{"source":"CVE","link":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8457","refID":""},{"source":"NVD","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-8457","refID":""},{"source":"","link":"https://cwe.mitre.org/data/definitions/125.html","refID":""}],"published":"2019-06-12T13:35:00+09:00","lastModified":"2019-06-12T13:35:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2019-8457","title":"","summary":"SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode() function when handling invalid rtree tables.","cvss2Score":7.5,"cvss2Vector":"AV:N/AC:L/Au:N/C:P/I:P/A:P","cvss2Severity":"HIGH","cvss3Score":9.8,"cvss3Vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3Severity":"CRITICAL","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2019-8457","references":[{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00074.html","refID":""},{"source":"","link":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OPKYSWCOM3CL66RI76TYVIG6TJ263RXH/","refID":""},{"source":"","link":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJPFGA45DI4F5MCF2OAACGH3HQOF4G3M/","refID":""},{"source":"","link":"https://security.netapp.com/advisory/ntap-20190606-0002/","refID":""},{"source":"","link":"https://usn.ubuntu.com/4004-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/4004-2/","refID":""},{"source":"","link":"https://usn.ubuntu.com/4019-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/4019-2/","refID":""},{"source":"","link":"https://www.sqlite.org/releaselog/3_28_0.html","refID":""},{"source":"","link":"https://www.sqlite.org/src/info/90acdbfce9c08858","refID":""}],"cweIDs":["CWE-125"],"published":"2019-05-30T16:29:00Z","lastModified":"2019-06-06T08:29:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2019-8457","title":"CVE-2019-8457 sqlite3: heap out-of-bound read in function rtreenode()","summary":"SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode() function when handling invalid rtree tables.","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":7.3,"cvss3Vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3Severity":"Moderate","sourceLink":"https://access.redhat.com/security/cve/CVE-2019-8457","cweIDs":["CWE-125"],"published":"2019-03-20T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":""}},"alertDict":{"ja":null,"en":null}},"CVE-2019-9169":{"cveID":"CVE-2019-9169","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"glibc","notFixedYet":true,"fixState":"Affected"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2019-9169","title":"GNU C Library における境界外読み取りに関する脆弱性","summary":"GNU C Library (別名 glibc および libc6) には、境界外読み取りに関する脆弱性が存在します。","cvss2Score":7.5,"cvss2Vector":"AV:N/AC:L/Au:N/C:P/I:P/A:P","cvss2Severity":"High","cvss3Score":9.8,"cvss3Vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3Severity":"Critical","sourceLink":"https://jvndb.jvn.jp/ja/contents/2019/JVNDB-2019-002028.html","references":[{"source":"CVE","link":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9169","refID":""},{"source":"NVD","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-9169","refID":""},{"source":"","link":"https://cwe.mitre.org/data/definitions/125.html","refID":""}],"published":"2019-04-01T17:07:00+09:00","lastModified":"2019-04-01T17:07:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2019-9169","title":"","summary":"In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match.","cvss2Score":7.5,"cvss2Vector":"AV:N/AC:L/Au:N/C:P/I:P/A:P","cvss2Severity":"HIGH","cvss3Score":9.8,"cvss3Vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3Severity":"CRITICAL","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2019-9169","references":[{"source":"","link":"http://www.securityfocus.com/bid/107160","refID":""},{"source":"","link":"https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34140","refID":""},{"source":"","link":"https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34142","refID":""},{"source":"","link":"https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10278","refID":""},{"source":"","link":"https://security.netapp.com/advisory/ntap-20190315-0002/","refID":""},{"source":"","link":"https://sourceware.org/bugzilla/show_bug.cgi?id=24114","refID":""},{"source":"","link":"https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=583dd860d5b833037175247230a328f0050dbfe9","refID":""},{"source":"","link":"https://support.f5.com/csp/article/K54823184","refID":""}],"cweIDs":["CWE-125"],"published":"2019-02-26T02:29:00Z","lastModified":"2019-04-16T05:29:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2019-9169","title":"CVE-2019-9169 glibc: regular-expression match via proceed_next_node in posix/regexec.c leads to heap-based buffer over-read","summary":"In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match.","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":6.5,"cvss3Vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L","cvss3Severity":"Moderate","sourceLink":"https://access.redhat.com/security/cve/CVE-2019-9169","cweIDs":["CWE-125"],"published":"2019-01-20T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":""}},"alertDict":{"ja":null,"en":null}},"CVE-2019-9500":{"cveID":"CVE-2019-9500","confidences":[{"score":100,"detectionMethod":"OvalMatch"}],"affectedPackages":[{"name":"kernel","notFixedYet":false,"fixState":""},{"name":"kernel-tools","notFixedYet":false,"fixState":""},{"name":"kernel-tools-libs","notFixedYet":false,"fixState":""},{"name":"python-perf","notFixedYet":false,"fixState":""}],"distroAdvisories":[{"advisoryID":"RHSA-2019:2600","severity":"Important","issued":"2019-09-04T00:00:00Z","updated":"2019-09-03T00:00:00Z","description":"The kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* kernel: hw: Spectre SWAPGS gadget vulnerability (CVE-2019-1125)\n\n* kernel: brcmfmac heap buffer overflow in brcmf_wowl_nd_results (CVE-2019-9500)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* [mlx4] VXLAN over VLAN TCP segmentation (BZ#1734333)\n\n* Race condition in /dev/sg due to missing synchronization causes corruption in RHV (BZ#1737380)\n\n* panic handing smb2_reconnect due to a use after free (BZ#1737382)\n\n* NFSv4.1 client stuck in infinite loop when received NFS4ERR_SEQ_MISORDERED error (BZ#1739077)\n\n* Backport TCP follow-up for small buffers (BZ#1739130)"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2019-9500","title":"Broadcom 製 Wi-Fi チップセット向けの複数のドライバに複数の脆弱性","summary":"Broadcom 製 Wi-Fi チップセット用 Broadcom wl ドライバおよびオープンソースの brcmfmac ドライバには複数の脆弱性が存在します。\n\nBroadcom wl ドライバの脆弱性:\nクライアントがアクセスポイント (AP) との間で行う 4-way ハンドシェイク中の EAPOL メッセージ 3 の解析処理には、2つのヒープバッファオーバーフローが存在します。\n\nヒープバッファオーバーフロー - CVE-2019-9501\n32 バイトを超えるベンダ情報要素を処理することで、wlc_wpa_sup_eapol 関数でヒープバッファオーバーフローが発生します。\nヒープバッファオーバーフロー - CVE-2019-9502\nベンダ情報要素のデータ長が164 バイトより大きい場合、wlc_wpa_plumb_gtk 関数でヒープバッファオーバーフローが発生します。\n\nNOTE: Broadcom wl ドライバを SoftMAC チップセットで使用している場合、これらのバッファオーバフローはカーネル内で発生します。FullMAC チップセットで使用している場合、これらのバッファオーバフローはチップセットのファームウェア内で発生します。\n\n\nオープンソースの brcmfmac ドライバに存在する脆弱性:\nbrcmfmac ドライバは Broadcom FullMAC チップセットでのみ動作するドライバです。\n\nフレーム検証回避の脆弱性 - CVE-2019-9503\nbrcmfmac ドライバでは、リモートソースからファームウェアイベントフレームを受信した場合には is_wlc_event_frame 関数によってこのフレームを破棄し、ホストからファームウェアイベントフレームを受信した場合には適切なハンドラを呼び出すように作られています。\nしかし、チップセットを接続するバスが USBの場合(例えば Wi-Fi ドングルなど)、上記の送信元に応じたフレーム検証処理が回避され、リモートソースからのファームウェアイベントフレームを処理させられる可能性があります。\nヒープバッファオーバーフロー - CVE-2019-9500\nWake-up on Wireless LAN 機能を有効に設定している場合、細工されたイベントフレームを処理することで、brcmf_wowl_nd_results 関数でヒープバッファオーバーフローが発生する可能性があります。\nまた、フレーム検証回避の脆弱性 (CVE-2019-9503) と組み合わせることで、遠隔からの攻撃に悪用される可能性があります。\n","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":0,"cvss3Vector":"","cvss3Severity":"","sourceLink":"https://jvndb.jvn.jp/ja/contents/2019/JVNDB-2019-002702.html","references":[{"source":"JVN","link":"https://jvn.jp/vu/JVNVU90663693/","refID":""},{"source":"CVE","link":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9501","refID":""},{"source":"CVE","link":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9502","refID":""},{"source":"CVE","link":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9503","refID":""},{"source":"CVE","link":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9500","refID":""},{"source":"CERT-VN","link":"https://www.kb.cert.org/vuls/id/166939/","refID":""},{"source":"関連文書","link":"https://blog.quarkslab.com/reverse-engineering-broadcom-wireless-chipsets.html","refID":""},{"source":"関連文書","link":"https://lore.kernel.org/linux-wireless/1550148232-4309-1-git-send-email-arend.vanspriel@broadcom.com/","refID":""},{"source":"関連文書","link":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a4176ec356c73a46c07c181c6d04039fafa34a9f","refID":""},{"source":"関連文書","link":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1b5e2423164b3670e8bc9174e4762d297990deff","refID":""}],"published":"2019-04-19T15:22:00+09:00","lastModified":"2019-04-19T15:22:00+09:00","mitigation":""},"redhat":{"type":"redhat","cveID":"CVE-2019-9500","title":"RHSA-2019:2600: kernel security and bug fix update (Important)","summary":"The kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* kernel: hw: Spectre SWAPGS gadget vulnerability (CVE-2019-1125)\n\n* kernel: brcmfmac heap buffer overflow in brcmf_wowl_nd_results (CVE-2019-9500)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* [mlx4] VXLAN over VLAN TCP segmentation (BZ#1734333)\n\n* Race condition in /dev/sg due to missing synchronization causes corruption in RHV (BZ#1737380)\n\n* panic handing smb2_reconnect due to a use after free (BZ#1737382)\n\n* NFSv4.1 client stuck in infinite loop when received NFS4ERR_SEQ_MISORDERED error (BZ#1739077)\n\n* Backport TCP follow-up for small buffers (BZ#1739130)","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"Important","cvss3Score":6.5,"cvss3Vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H","cvss3Severity":"","sourceLink":"https://access.redhat.com/security/cve/CVE-2019-9500","references":[{"source":"RHSA","link":"https://access.redhat.com/errata/RHSA-2019:2600","refID":"RHSA-2019:2600"},{"source":"CVE","link":"https://access.redhat.com/security/cve/CVE-2019-1125","refID":"CVE-2019-1125"},{"source":"CVE","link":"https://access.redhat.com/security/cve/CVE-2019-9500","refID":"CVE-2019-9500"}],"cweIDs":["CWE-122"],"published":"2019-09-04T00:00:00Z","lastModified":"2019-09-03T00:00:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2019-9500","title":"CVE-2019-9500 kernel: brcmfmac heap buffer overflow in brcmf_wowl_nd_results","summary":"If the Wake-up on Wireless LAN functionality is configured in the brcmfmac driver, which only works with Broadcom FullMAC chipsets, a malicious event frame can be constructed to trigger a heap buffer overflow in the brcmf_wowl_nd_results() function. This vulnerability can be exploited by compromised chipsets to compromise the host, or when used in combination with another brcmfmac driver flaw (CVE-2019-9503), can be used remotely. This can result in a remote denial of service (DoS). Due to the nature of the flaw, a remote privilege escalation cannot be fully ruled out.","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":6.5,"cvss3Vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H","cvss3Severity":"Important","sourceLink":"https://access.redhat.com/security/cve/CVE-2019-9500","references":[{"source":"","link":"https://kb.cert.org/vuls/id/166939/\n\nhttps://blog.quarkslab.com/reverse-engineering-broadcom-wireless-chipsets.html#cve-2019-9500-heap-buffer-overflow-in-brcmf-wowl-nd-results\n\nhttps://www.bleepingcomputer.com/news/security/broadcom-wifi-driver-flaws-expose-computers-phones-iot-to-rce-attacks/","refID":""}],"cweIDs":["CWE-122"],"published":"2019-02-19T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":""}},"alertDict":{"ja":null,"en":null}},"CVE-2019-9503":{"cveID":"CVE-2019-9503","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"kernel","notFixedYet":true,"fixState":"Affected"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2019-9503","title":"Broadcom 製 Wi-Fi チップセット向けの複数のドライバに複数の脆弱性","summary":"Broadcom 製 Wi-Fi チップセット用 Broadcom wl ドライバおよびオープンソースの brcmfmac ドライバには複数の脆弱性が存在します。\n\nBroadcom wl ドライバの脆弱性:\nクライアントがアクセスポイント (AP) との間で行う 4-way ハンドシェイク中の EAPOL メッセージ 3 の解析処理には、2つのヒープバッファオーバーフローが存在します。\n\nヒープバッファオーバーフロー - CVE-2019-9501\n32 バイトを超えるベンダ情報要素を処理することで、wlc_wpa_sup_eapol 関数でヒープバッファオーバーフローが発生します。\nヒープバッファオーバーフロー - CVE-2019-9502\nベンダ情報要素のデータ長が164 バイトより大きい場合、wlc_wpa_plumb_gtk 関数でヒープバッファオーバーフローが発生します。\n\nNOTE: Broadcom wl ドライバを SoftMAC チップセットで使用している場合、これらのバッファオーバフローはカーネル内で発生します。FullMAC チップセットで使用している場合、これらのバッファオーバフローはチップセットのファームウェア内で発生します。\n\n\nオープンソースの brcmfmac ドライバに存在する脆弱性:\nbrcmfmac ドライバは Broadcom FullMAC チップセットでのみ動作するドライバです。\n\nフレーム検証回避の脆弱性 - CVE-2019-9503\nbrcmfmac ドライバでは、リモートソースからファームウェアイベントフレームを受信した場合には is_wlc_event_frame 関数によってこのフレームを破棄し、ホストからファームウェアイベントフレームを受信した場合には適切なハンドラを呼び出すように作られています。\nしかし、チップセットを接続するバスが USBの場合(例えば Wi-Fi ドングルなど)、上記の送信元に応じたフレーム検証処理が回避され、リモートソースからのファームウェアイベントフレームを処理させられる可能性があります。\nヒープバッファオーバーフロー - CVE-2019-9500\nWake-up on Wireless LAN 機能を有効に設定している場合、細工されたイベントフレームを処理することで、brcmf_wowl_nd_results 関数でヒープバッファオーバーフローが発生する可能性があります。\nまた、フレーム検証回避の脆弱性 (CVE-2019-9503) と組み合わせることで、遠隔からの攻撃に悪用される可能性があります。\n","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":0,"cvss3Vector":"","cvss3Severity":"","sourceLink":"https://jvndb.jvn.jp/ja/contents/2019/JVNDB-2019-002702.html","published":"2019-04-19T15:22:00+09:00","lastModified":"2019-04-19T15:22:00+09:00","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2019-9503","title":"CVE-2019-9503 kernel: brcmfmac frame validation bypass","summary":"If the brcmfmac driver receives a firmware event frame from a remote source, the is_wlc_event_frame function will cause this frame to be discarded and not be processed. If the driver receives the firmware event frame from the host, the appropriate handler is called. This frame validation can be bypassed if the bus used is USB (for instance by a WiFi dongle). This can allow firmware event frames from a remote source to be processed and this can result in denial of service (DoS) condition.","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":5.9,"cvss3Vector":"CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H","cvss3Severity":"Moderate","sourceLink":"https://access.redhat.com/security/cve/CVE-2019-9503","references":[{"source":"","link":"https://kb.cert.org/vuls/id/166939/\n\nhttps://blog.quarkslab.com/reverse-engineering-broadcom-wireless-chipsets.html#cve-2019-9503-remotely-sending-firmware-events-bypassing-is-wlc-event-frame\n\nhttps://www.bleepingcomputer.com/news/security/broadcom-wifi-driver-flaws-expose-computers-phones-iot-to-rce-attacks/","refID":""}],"cweIDs":["CWE-20"],"published":"2019-02-19T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":""}},"alertDict":{"ja":null,"en":null}},"CVE-2019-9506":{"cveID":"CVE-2019-9506","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"kernel","notFixedYet":true,"fixState":"Affected"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2019-9506","title":"Bluetooth BR/EDR での暗号鍵エントロピーのネゴシエーションにおける問題","summary":"Bluetooth BR/EDR 接続での暗号化で用いられる暗号鍵のエントロピーのネゴシエーションには、仕様上、中間者による攻撃に脆弱な問題があります。\n第三者が、Bluetooth BR/EDR で接続するデバイスに対し、通信で用いられる暗号鍵のエントロピーを 1バイトに強制する (Key Negotiation Of Bluetooth (KNOB) attack) ことで、以降の通信を総当たり攻撃 (Brute force attack) により復号して内容を傍受できる可能性があります。\n\nBluetooth は、Bluetooth Basic Rate / Enhanced Data Rate (Bluetooth BR/EDR) コア構成を含む6種の異なるコア仕様に基づいた近距離の無線技術で、低出力の近距離通信に使用されます。\nBluetooth の暗号化通信を確立するには、2つの Bluetooth デバイスがペアリングし、リンク層での暗号化に用いる暗号鍵の生成に使用するリンクキーを確立する必要があります。暗号鍵のエントロピーは、1バイトから 16バイトの長さで Bluetooth コントローラ間で設定されます。\n攻撃者がコントローラ間の暗号鍵エントロピー設定要求に割り込み、各コントローラが低いエントロピー設定を受け入れた場合に、低いエントロピーによる暗号化通信が強制され、結果として総当たり攻撃 (Brute force attack) により、デバイス間の通信を容易に復号される可能性があります。","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":0,"cvss3Vector":"","cvss3Severity":"","sourceLink":"https://jvndb.jvn.jp/ja/contents/2019/JVNDB-2019-007618.html","references":[{"source":"JVN","link":"https://jvn.jp/vu/JVNVU90240762/","refID":""},{"source":"CVE","link":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9506","refID":""},{"source":"CERT-VN","link":"https://www.kb.cert.org/vuls/id/918987/","refID":""},{"source":"関連文書","link":"https://www.usenix.org/conference/usenixsecurity19/presentation/antonioli","refID":""}],"published":"2019-08-16T10:39:00+09:00","lastModified":"2019-08-16T10:39:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2019-9506","title":"","summary":"The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka \"KNOB\") that can decrypt traffic and inject arbitrary ciphertext without the victim noticing.","cvss2Score":4.8,"cvss2Vector":"AV:A/AC:L/Au:N/C:P/I:P/A:N","cvss2Severity":"MEDIUM","cvss3Score":8.1,"cvss3Vector":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","cvss3Severity":"HIGH","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2019-9506","references":[{"source":"","link":"http://seclists.org/fulldisclosure/2019/Aug/11","refID":""},{"source":"","link":"http://seclists.org/fulldisclosure/2019/Aug/13","refID":""},{"source":"","link":"http://seclists.org/fulldisclosure/2019/Aug/14","refID":""},{"source":"","link":"http://seclists.org/fulldisclosure/2019/Aug/15","refID":""},{"source":"","link":"http://www.cs.ox.ac.uk/publications/publication12404-abstract.html","refID":""},{"source":"","link":"http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190828-01-knob-en","refID":""},{"source":"","link":"https://usn.ubuntu.com/4115-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/4118-1/","refID":""},{"source":"","link":"https://www.bluetooth.com/security/statement-key-negotiation-of-bluetooth/","refID":""},{"source":"","link":"https://www.kb.cert.org/vuls/id/918987/","refID":""},{"source":"","link":"https://www.usenix.org/conference/usenixsecurity19/presentation/antonioli","refID":""}],"cweIDs":["CWE-310"],"published":"2019-08-14T17:15:00Z","lastModified":"2019-08-28T11:15:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2019-9506","title":"CVE-2019-9506 hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB)","summary":"The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka \"KNOB\") that can decrypt traffic and inject arbitrary ciphertext without the victim noticing.\nA flaw was discovered in the Bluetooth protocol. An attacker within physical proximity to the Bluetooth connection could downgrade the encryption protocol to be trivially brute forced.","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":7,"cvss3Vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L","cvss3Severity":"Important","sourceLink":"https://access.redhat.com/security/cve/CVE-2019-9506","cweIDs":["CWE-327"],"published":"2019-08-10T09:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":"\nAt this time there is no known mitigation if bluetooth hardware is to be continue to be used. Replacing the hardware with its wired version and disabling bluetooth may be a suitable alternative for some environments.\n "}},"alertDict":{"ja":null,"en":[{"url":"https://www.kb.cert.org/vuls/id/918987/","title":"VU#918987 - Bluetooth BR/EDR supported devices are vulnerable to key negotiation attackssearchmenuicon-carat-rightcmu-wordmark","team":"us"}]}},"CVE-2019-9633":{"cveID":"CVE-2019-9633","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"glib2","notFixedYet":true,"fixState":"Affected"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2019-9633","title":"GNOME GLib における入力確認に関する脆弱性","summary":"GNOME GLib には、入力確認に関する脆弱性が存在します。","cvss2Score":4.3,"cvss2Vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","cvss2Severity":"Medium","cvss3Score":6.5,"cvss3Vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3Severity":"Medium","sourceLink":"https://jvndb.jvn.jp/ja/contents/2019/JVNDB-2019-002410.html","references":[{"source":"CVE","link":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9633","refID":""},{"source":"NVD","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-9633","refID":""},{"source":"","link":"https://jvndb.jvn.jp/ja/cwe/CWE-20.html","refID":""}],"published":"2019-04-08T18:08:00+09:00","lastModified":"2019-04-08T18:08:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2019-9633","title":"","summary":"gio/gsocketclient.c in GNOME GLib 2.59.2 does not ensure that a parent GTask remains alive during the execution of a connection-attempting enumeration, which allows remote attackers to cause a denial of service (g_socket_client_connected_callback mishandling and application crash) via a crafted web site, as demonstrated by GNOME Web (aka Epiphany).","cvss2Score":4.3,"cvss2Vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","cvss2Severity":"MEDIUM","cvss3Score":6.5,"cvss3Vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3Severity":"MEDIUM","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2019-9633","references":[{"source":"","link":"http://www.securityfocus.com/bid/107391","refID":""},{"source":"","link":"https://gitlab.gnome.org/GNOME/glib/issues/1649","refID":""}],"cweIDs":["CWE-20"],"published":"2019-03-08T08:29:00Z","lastModified":"2019-03-14T18:16:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2019-9633","title":"CVE-2019-9633 glib: g_socket_client_connected_callback in gio/gsocketclient.c allows to cause denial of service","summary":"gio/gsocketclient.c in GNOME GLib 2.59.2 does not ensure that a parent GTask remains alive during the execution of a connection-attempting enumeration, which allows remote attackers to cause a denial of service (g_socket_client_connected_callback mishandling and application crash) via a crafted web site, as demonstrated by GNOME Web (aka Epiphany).","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":8.2,"cvss3Vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H","cvss3Severity":"Moderate","sourceLink":"https://access.redhat.com/security/cve/CVE-2019-9633","cweIDs":["CWE-20","CWE-400"],"published":"2019-01-29T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":""}},"alertDict":{"ja":null,"en":null}},"CVE-2019-9705":{"cveID":"CVE-2019-9705","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"cronie","notFixedYet":true,"fixState":"Affected"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2019-9705","title":"Vixie Cron および Debian パッケージにおけるリソースの枯渇に関する脆弱性","summary":"Vixie Cron および Debian パッケージには、リソースの枯渇に関する脆弱性が存在します。","cvss2Score":2.1,"cvss2Vector":"AV:L/AC:L/Au:N/C:N/I:N/A:P","cvss2Severity":"Low","cvss3Score":5.5,"cvss3Vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3Severity":"Medium","sourceLink":"https://jvndb.jvn.jp/ja/contents/2019/JVNDB-2019-002401.html","references":[{"source":"CVE","link":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9705","refID":""},{"source":"NVD","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-9705","refID":""},{"source":"関連文書","link":"http://www.securityfocus.com/bid/107378","refID":""},{"source":"","link":"https://cwe.mitre.org/data/definitions/400.html","refID":""}],"published":"2019-04-08T17:35:00+09:00","lastModified":"2019-04-08T17:35:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2019-9705","title":"","summary":"Vixie Cron before the 3.0pl1-133 Debian package allows local users to cause a denial of service (memory consumption) via a large crontab file because an unlimited number of lines is accepted.","cvss2Score":2.1,"cvss2Vector":"AV:L/AC:L/Au:N/C:N/I:N/A:P","cvss2Severity":"LOW","cvss3Score":5.5,"cvss3Vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3Severity":"MEDIUM","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2019-9705","references":[{"source":"","link":"http://www.securityfocus.com/bid/107378","refID":""},{"source":"","link":"https://lists.debian.org/debian-lts-announce/2019/03/msg00025.html","refID":""},{"source":"","link":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6DU7HAUAQR4E4AEBPYLUV6FZ4PHKH6A2/","refID":""},{"source":"","link":"https://salsa.debian.org/debian/cron/commit/26814a26","refID":""}],"cweIDs":["CWE-400"],"published":"2019-03-12T01:29:00Z","lastModified":"2019-03-29T17:41:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2019-9705","title":"CVE-2019-9705 vixie-cron: memory consumption DoS via a large crontab file","summary":"Vixie Cron before the 3.0pl1-133 Debian package allows local users to cause a denial of service (memory consumption) via a large crontab file because an unlimited number of lines is accepted.","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":5.5,"cvss3Vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3Severity":"Moderate","sourceLink":"https://access.redhat.com/security/cve/CVE-2019-9705","cweIDs":["CWE-400"],"published":"2019-03-08T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":""}},"alertDict":{"ja":null,"en":null}},"CVE-2019-9893":{"cveID":"CVE-2019-9893","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"libseccomp","notFixedYet":true,"fixState":"Affected"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2019-9893","title":"libseccomp における認可・権限・アクセス制御に関する脆弱性","summary":"libseccomp には、認可・権限・アクセス制御に関する脆弱性が存在します。","cvss2Score":7.5,"cvss2Vector":"AV:N/AC:L/Au:N/C:P/I:P/A:P","cvss2Severity":"High","cvss3Score":9.8,"cvss3Vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3Severity":"Critical","sourceLink":"https://jvndb.jvn.jp/ja/contents/2019/JVNDB-2019-002838.html","references":[{"source":"CVE","link":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9893","refID":""},{"source":"NVD","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-9893","refID":""},{"source":"関連文書","link":"https://seclists.org/oss-sec/2019/q1/179","refID":""},{"source":"","link":"https://jvndb.jvn.jp/ja/cwe/CWE-264.html","refID":""}],"published":"2019-04-24T14:51:00+09:00","lastModified":"2019-04-24T14:51:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2019-9893","title":"","summary":"libseccomp before 2.4.0 did not correctly generate 64-bit syscall argument comparisons using the arithmetic operators (LT, GT, LE, GE), which might able to lead to bypassing seccomp filters and potential privilege escalations.","cvss2Score":7.5,"cvss2Vector":"AV:N/AC:L/Au:N/C:P/I:P/A:P","cvss2Severity":"HIGH","cvss3Score":9.8,"cvss3Vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3Severity":"CRITICAL","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2019-9893","references":[{"source":"","link":"https://github.com/seccomp/libseccomp/issues/139","refID":""},{"source":"","link":"https://seclists.org/oss-sec/2019/q1/179","refID":""},{"source":"","link":"https://security.gentoo.org/glsa/201904-18","refID":""},{"source":"","link":"https://usn.ubuntu.com/4001-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/4001-2/","refID":""}],"cweIDs":["CWE-264"],"published":"2019-03-21T16:01:00Z","lastModified":"2019-05-31T01:29:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2019-9893","title":"CVE-2019-9893 libseccomp: incorrect generation of syscall filters in libseccomp","summary":"libseccomp before 2.4.0 did not correctly generate 64-bit syscall argument comparisons using the arithmetic operators (LT, GT, LE, GE), which might able to lead to bypassing seccomp filters and potential privilege escalations.","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":7.3,"cvss3Vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3Severity":"Moderate","sourceLink":"https://access.redhat.com/security/cve/CVE-2019-9893","cweIDs":["CWE-358"],"published":"2019-03-14T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":""}},"alertDict":{"ja":null,"en":null}},"CVE-2019-9923":{"cveID":"CVE-2019-9923","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"tar","notFixedYet":true,"fixState":"Affected"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2019-9923","title":"GNU Tar における NULL ポインタデリファレンスに関する脆弱性","summary":"GNU Tar には、NULL ポインタデリファレンスに関する脆弱性が存在します。","cvss2Score":5,"cvss2Vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","cvss2Severity":"Medium","cvss3Score":7.5,"cvss3Vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3Severity":"High","sourceLink":"https://jvndb.jvn.jp/ja/contents/2019/JVNDB-2019-002765.html","references":[{"source":"CVE","link":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9923","refID":""},{"source":"NVD","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-9923","refID":""},{"source":"関連文書","link":"https://bugs.launchpad.net/ubuntu/+source/tar/+bug/1810241","refID":""},{"source":"","link":"http://cwe.mitre.org/data/definitions/476.html","refID":""}],"published":"2019-04-22T16:08:00+09:00","lastModified":"2019-04-22T16:08:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2019-9923","title":"","summary":"pax_decode_header in sparse.c in GNU Tar before 1.32 had a NULL pointer dereference when parsing certain archives that have malformed extended headers.","cvss2Score":5,"cvss2Vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","cvss2Severity":"MEDIUM","cvss3Score":7.5,"cvss3Vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3Severity":"HIGH","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2019-9923","references":[{"source":"","link":"http://git.savannah.gnu.org/cgit/tar.git/commit/?id=cb07844454d8cc9fb21f53ace75975f91185a120","refID":""},{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00077.html","refID":""},{"source":"","link":"http://savannah.gnu.org/bugs/?55369","refID":""},{"source":"","link":"https://bugs.launchpad.net/ubuntu/+source/tar/+bug/1810241","refID":""}],"cweIDs":["CWE-476"],"published":"2019-03-22T08:29:00Z","lastModified":"2019-04-24T19:02:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2019-9923","title":"CVE-2019-9923 tar: null-pointer dereference in pax_decode_header in sparse.c","summary":"pax_decode_header in sparse.c in GNU Tar before 1.32 had a NULL pointer dereference when parsing certain archives that have malformed extended headers.","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":3.3,"cvss3Vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3Severity":"Low","sourceLink":"https://access.redhat.com/security/cve/CVE-2019-9923","cweIDs":["CWE-476"],"published":"2019-01-02T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":""}},"alertDict":{"ja":null,"en":null}},"CVE-2019-9924":{"cveID":"CVE-2019-9924","confidences":[{"score":100,"detectionMethod":"RedHatAPIMatch"}],"affectedPackages":[{"name":"bash","notFixedYet":true,"fixState":"Affected"}],"cveContents":{"jvn":{"type":"jvn","cveID":"CVE-2019-9924","title":"Bash における入力確認に関する脆弱性","summary":"Bash には、入力確認に関する脆弱性が存在します。","cvss2Score":7.2,"cvss2Vector":"AV:L/AC:L/Au:N/C:C/I:C/A:C","cvss2Severity":"High","cvss3Score":7.8,"cvss3Vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3Severity":"High","sourceLink":"https://jvndb.jvn.jp/ja/contents/2019/JVNDB-2019-002985.html","references":[{"source":"CVE","link":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9924","refID":""},{"source":"NVD","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-9924","refID":""},{"source":"","link":"https://jvndb.jvn.jp/ja/cwe/CWE-20.html","refID":""}],"published":"2019-04-26T17:45:00+09:00","lastModified":"2019-04-26T17:45:00+09:00","mitigation":""},"nvd":{"type":"nvd","cveID":"CVE-2019-9924","title":"","summary":"rbash in Bash before 4.4-beta2 did not prevent the shell user from modifying BASH_CMDS, thus allowing the user to execute any command with the permissions of the shell.","cvss2Score":7.2,"cvss2Vector":"AV:L/AC:L/Au:N/C:C/I:C/A:C","cvss2Severity":"HIGH","cvss3Score":7.8,"cvss3Vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3Severity":"HIGH","sourceLink":"https://nvd.nist.gov/vuln/detail/CVE-2019-9924","references":[{"source":"","link":"http://git.savannah.gnu.org/cgit/bash.git/tree/CHANGES?h=bash-4.4-testing#n65","refID":""},{"source":"","link":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00049.html","refID":""},{"source":"","link":"https://bugs.launchpad.net/ubuntu/+source/bash/+bug/1803441","refID":""},{"source":"","link":"https://lists.debian.org/debian-lts-announce/2019/03/msg00028.html","refID":""},{"source":"","link":"https://security.netapp.com/advisory/ntap-20190411-0001/","refID":""},{"source":"","link":"https://usn.ubuntu.com/4058-1/","refID":""},{"source":"","link":"https://usn.ubuntu.com/4058-2/","refID":""}],"cweIDs":["CWE-20"],"published":"2019-03-22T08:29:00Z","lastModified":"2019-04-11T22:29:00Z","mitigation":""},"redhat_api":{"type":"redhat_api","cveID":"CVE-2019-9924","title":"CVE-2019-9924 bash: BASH_CMD is writable in restricted bash shells","summary":"rbash in Bash before 4.4-beta2 did not prevent the shell user from modifying BASH_CMDS, thus allowing the user to execute any command with the permissions of the shell.","cvss2Score":0,"cvss2Vector":"","cvss2Severity":"","cvss3Score":5.3,"cvss3Vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","cvss3Severity":"Moderate","sourceLink":"https://access.redhat.com/security/cve/CVE-2019-9924","cweIDs":["CWE-138"],"published":"2019-03-07T00:00:00Z","lastModified":"0001-01-01T00:00:00Z","mitigation":""}},"alertDict":{"ja":null,"en":null}}},"runningKernel":{"release":"3.10.0-1062.el7.x86_64","version":"","rebootRequired":false},"packages":{"NetworkManager":{"name":"NetworkManager","version":"1:1.18.0","release":"5.el7","newVersion":"1:1.18.0","newRelease":"5.el7_7.1","arch":"x86_64","repository":"updates","changelog":{"contents":"","method":""}},"NetworkManager-libnm":{"name":"NetworkManager-libnm","version":"1:1.18.0","release":"5.el7","newVersion":"1:1.18.0","newRelease":"5.el7_7.1","arch":"x86_64","repository":"updates","changelog":{"contents":"","method":""}},"NetworkManager-team":{"name":"NetworkManager-team","version":"1:1.18.0","release":"5.el7","newVersion":"1:1.18.0","newRelease":"5.el7_7.1","arch":"x86_64","repository":"updates","changelog":{"contents":"","method":""}},"NetworkManager-tui":{"name":"NetworkManager-tui","version":"1:1.18.0","release":"5.el7","newVersion":"1:1.18.0","newRelease":"5.el7_7.1","arch":"x86_64","repository":"updates","changelog":{"contents":"","method":""}},"NetworkManager-wifi":{"name":"NetworkManager-wifi","version":"1:1.18.0","release":"5.el7","newVersion":"1:1.18.0","newRelease":"5.el7_7.1","arch":"x86_64","repository":"updates","changelog":{"contents":"","method":""}},"acl":{"name":"acl","version":"2.2.51","release":"14.el7","newVersion":"2.2.51","newRelease":"14.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"aic94xx-firmware":{"name":"aic94xx-firmware","version":"30","release":"6.el7","newVersion":"30","newRelease":"6.el7","arch":"noarch","repository":"","changelog":{"contents":"","method":""}},"alsa-firmware":{"name":"alsa-firmware","version":"1.0.28","release":"2.el7","newVersion":"1.0.28","newRelease":"2.el7","arch":"noarch","repository":"","changelog":{"contents":"","method":""}},"alsa-lib":{"name":"alsa-lib","version":"1.1.8","release":"1.el7","newVersion":"1.1.8","newRelease":"1.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"alsa-tools-firmware":{"name":"alsa-tools-firmware","version":"1.1.0","release":"1.el7","newVersion":"1.1.0","newRelease":"1.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"audit":{"name":"audit","version":"2.8.5","release":"4.el7","newVersion":"2.8.5","newRelease":"4.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"audit-libs":{"name":"audit-libs","version":"2.8.5","release":"4.el7","newVersion":"2.8.5","newRelease":"4.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"audit-libs-python":{"name":"audit-libs-python","version":"2.8.5","release":"4.el7","newVersion":"2.8.5","newRelease":"4.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"authconfig":{"name":"authconfig","version":"6.2.8","release":"30.el7","newVersion":"6.2.8","newRelease":"30.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"basesystem":{"name":"basesystem","version":"10.0","release":"7.el7.centos","newVersion":"10.0","newRelease":"7.el7.centos","arch":"noarch","repository":"","changelog":{"contents":"","method":""}},"bash":{"name":"bash","version":"4.2.46","release":"33.el7","newVersion":"4.2.46","newRelease":"33.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"bind-export-libs":{"name":"bind-export-libs","version":"32:9.11.4","release":"9.P2.el7","newVersion":"32:9.11.4","newRelease":"9.P2.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"binutils":{"name":"binutils","version":"2.27","release":"41.base.el7","newVersion":"2.27","newRelease":"41.base.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"biosdevname":{"name":"biosdevname","version":"0.7.3","release":"2.el7","newVersion":"0.7.3","newRelease":"2.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"btrfs-progs":{"name":"btrfs-progs","version":"4.9.1","release":"1.el7","newVersion":"4.9.1","newRelease":"1.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"bzip2-libs":{"name":"bzip2-libs","version":"1.0.6","release":"13.el7","newVersion":"1.0.6","newRelease":"13.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"ca-certificates":{"name":"ca-certificates","version":"2018.2.22","release":"70.0.el7_5","newVersion":"2018.2.22","newRelease":"70.0.el7_5","arch":"noarch","repository":"","changelog":{"contents":"","method":""}},"centos-logos":{"name":"centos-logos","version":"70.0.6","release":"3.el7.centos","newVersion":"70.0.6","newRelease":"3.el7.centos","arch":"noarch","repository":"","changelog":{"contents":"","method":""}},"centos-release":{"name":"centos-release","version":"7","release":"7.1908.0.el7.centos","newVersion":"7","newRelease":"7.1908.0.el7.centos","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"checkpolicy":{"name":"checkpolicy","version":"2.5","release":"8.el7","newVersion":"2.5","newRelease":"8.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"chkconfig":{"name":"chkconfig","version":"1.7.4","release":"1.el7","newVersion":"1.7.4","newRelease":"1.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"chrony":{"name":"chrony","version":"3.4","release":"1.el7","newVersion":"3.4","newRelease":"1.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"container-selinux":{"name":"container-selinux","version":"2:2.107","release":"3.el7","newVersion":"2:2.107","newRelease":"3.el7","arch":"noarch","repository":"","changelog":{"contents":"","method":""}},"containerd.io":{"name":"containerd.io","version":"1.2.10","release":"3.2.el7","newVersion":"1.2.10","newRelease":"3.2.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"coreutils":{"name":"coreutils","version":"8.22","release":"24.el7","newVersion":"8.22","newRelease":"24.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"cpio":{"name":"cpio","version":"2.11","release":"27.el7","newVersion":"2.11","newRelease":"27.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"cracklib":{"name":"cracklib","version":"2.9.0","release":"11.el7","newVersion":"2.9.0","newRelease":"11.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"cracklib-dicts":{"name":"cracklib-dicts","version":"2.9.0","release":"11.el7","newVersion":"2.9.0","newRelease":"11.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"cronie":{"name":"cronie","version":"1.4.11","release":"23.el7","newVersion":"1.4.11","newRelease":"23.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"cronie-anacron":{"name":"cronie-anacron","version":"1.4.11","release":"23.el7","newVersion":"1.4.11","newRelease":"23.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"crontabs":{"name":"crontabs","version":"1.11","release":"6.20121102git.el7","newVersion":"1.11","newRelease":"6.20121102git.el7","arch":"noarch","repository":"","changelog":{"contents":"","method":""}},"cryptsetup-libs":{"name":"cryptsetup-libs","version":"2.0.3","release":"5.el7","newVersion":"2.0.3","newRelease":"5.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"curl":{"name":"curl","version":"7.29.0","release":"54.el7","newVersion":"7.29.0","newRelease":"54.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"cyrus-sasl-lib":{"name":"cyrus-sasl-lib","version":"2.1.26","release":"23.el7","newVersion":"2.1.26","newRelease":"23.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"dbus":{"name":"dbus","version":"1:1.10.24","release":"13.el7_6","newVersion":"1:1.10.24","newRelease":"13.el7_6","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"dbus-glib":{"name":"dbus-glib","version":"0.100","release":"7.el7","newVersion":"0.100","newRelease":"7.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"dbus-libs":{"name":"dbus-libs","version":"1:1.10.24","release":"13.el7_6","newVersion":"1:1.10.24","newRelease":"13.el7_6","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"dbus-python":{"name":"dbus-python","version":"1.1.1","release":"9.el7","newVersion":"1.1.1","newRelease":"9.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"device-mapper":{"name":"device-mapper","version":"7:1.02.158","release":"2.el7","newVersion":"7:1.02.158","newRelease":"2.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"device-mapper-event":{"name":"device-mapper-event","version":"7:1.02.158","release":"2.el7","newVersion":"7:1.02.158","newRelease":"2.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"device-mapper-event-libs":{"name":"device-mapper-event-libs","version":"7:1.02.158","release":"2.el7","newVersion":"7:1.02.158","newRelease":"2.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"device-mapper-libs":{"name":"device-mapper-libs","version":"7:1.02.158","release":"2.el7","newVersion":"7:1.02.158","newRelease":"2.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"device-mapper-persistent-data":{"name":"device-mapper-persistent-data","version":"0.8.5","release":"1.el7","newVersion":"0.8.5","newRelease":"1.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"dhclient":{"name":"dhclient","version":"12:4.2.5","release":"77.el7.centos","newVersion":"12:4.2.5","newRelease":"77.el7.centos","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"dhcp-common":{"name":"dhcp-common","version":"12:4.2.5","release":"77.el7.centos","newVersion":"12:4.2.5","newRelease":"77.el7.centos","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"dhcp-libs":{"name":"dhcp-libs","version":"12:4.2.5","release":"77.el7.centos","newVersion":"12:4.2.5","newRelease":"77.el7.centos","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"diffutils":{"name":"diffutils","version":"3.3","release":"5.el7","newVersion":"3.3","newRelease":"5.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"dmidecode":{"name":"dmidecode","version":"1:3.2","release":"3.el7","newVersion":"1:3.2","newRelease":"3.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"docker-ce":{"name":"docker-ce","version":"3:19.03.3","release":"3.el7","newVersion":"3:19.03.3","newRelease":"3.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"docker-ce-cli":{"name":"docker-ce-cli","version":"1:19.03.3","release":"3.el7","newVersion":"1:19.03.3","newRelease":"3.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"dracut":{"name":"dracut","version":"033","release":"564.el7","newVersion":"033","newRelease":"564.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"dracut-config-rescue":{"name":"dracut-config-rescue","version":"033","release":"564.el7","newVersion":"033","newRelease":"564.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"dracut-network":{"name":"dracut-network","version":"033","release":"564.el7","newVersion":"033","newRelease":"564.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"e2fsprogs":{"name":"e2fsprogs","version":"1.42.9","release":"16.el7","newVersion":"1.42.9","newRelease":"16.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"e2fsprogs-libs":{"name":"e2fsprogs-libs","version":"1.42.9","release":"16.el7","newVersion":"1.42.9","newRelease":"16.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"ebtables":{"name":"ebtables","version":"2.0.10","release":"16.el7","newVersion":"2.0.10","newRelease":"16.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"elfutils-default-yama-scope":{"name":"elfutils-default-yama-scope","version":"0.176","release":"2.el7","newVersion":"0.176","newRelease":"2.el7","arch":"noarch","repository":"","changelog":{"contents":"","method":""}},"elfutils-libelf":{"name":"elfutils-libelf","version":"0.176","release":"2.el7","newVersion":"0.176","newRelease":"2.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"elfutils-libs":{"name":"elfutils-libs","version":"0.176","release":"2.el7","newVersion":"0.176","newRelease":"2.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"epel-release":{"name":"epel-release","version":"7","release":"11","newVersion":"7","newRelease":"12","arch":"noarch","repository":"epel","changelog":{"contents":"","method":""}},"ethtool":{"name":"ethtool","version":"2:4.8","release":"10.el7","newVersion":"2:4.8","newRelease":"10.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"expat":{"name":"expat","version":"2.1.0","release":"10.el7_3","newVersion":"2.1.0","newRelease":"10.el7_3","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"file":{"name":"file","version":"5.11","release":"35.el7","newVersion":"5.11","newRelease":"35.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"file-libs":{"name":"file-libs","version":"5.11","release":"35.el7","newVersion":"5.11","newRelease":"35.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"filesystem":{"name":"filesystem","version":"3.2","release":"25.el7","newVersion":"3.2","newRelease":"25.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"findutils":{"name":"findutils","version":"1:4.5.11","release":"6.el7","newVersion":"1:4.5.11","newRelease":"6.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"fipscheck":{"name":"fipscheck","version":"1.4.1","release":"6.el7","newVersion":"1.4.1","newRelease":"6.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"fipscheck-lib":{"name":"fipscheck-lib","version":"1.4.1","release":"6.el7","newVersion":"1.4.1","newRelease":"6.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"firewalld":{"name":"firewalld","version":"0.6.3","release":"2.el7","newVersion":"0.6.3","newRelease":"2.el7_7.1","arch":"noarch","repository":"updates","changelog":{"contents":"","method":""}},"firewalld-filesystem":{"name":"firewalld-filesystem","version":"0.6.3","release":"2.el7","newVersion":"0.6.3","newRelease":"2.el7_7.1","arch":"noarch","repository":"updates","changelog":{"contents":"","method":""}},"freetype":{"name":"freetype","version":"2.8","release":"14.el7","newVersion":"2.8","newRelease":"14.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"fxload":{"name":"fxload","version":"2002_04_11","release":"16.el7","newVersion":"2002_04_11","newRelease":"16.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"gawk":{"name":"gawk","version":"4.0.2","release":"4.el7_3.1","newVersion":"4.0.2","newRelease":"4.el7_3.1","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"gdbm":{"name":"gdbm","version":"1.10","release":"8.el7","newVersion":"1.10","newRelease":"8.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"gettext":{"name":"gettext","version":"0.19.8.1","release":"2.el7","newVersion":"0.19.8.1","newRelease":"2.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"gettext-libs":{"name":"gettext-libs","version":"0.19.8.1","release":"2.el7","newVersion":"0.19.8.1","newRelease":"2.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"git":{"name":"git","version":"1.8.3.1","release":"20.el7","newVersion":"1.8.3.1","newRelease":"20.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"glib2":{"name":"glib2","version":"2.56.1","release":"5.el7","newVersion":"2.56.1","newRelease":"5.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"glibc":{"name":"glibc","version":"2.17","release":"292.el7","newVersion":"2.17","newRelease":"292.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"glibc-common":{"name":"glibc-common","version":"2.17","release":"292.el7","newVersion":"2.17","newRelease":"292.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"gmp":{"name":"gmp","version":"1:6.0.0","release":"15.el7","newVersion":"1:6.0.0","newRelease":"15.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"gnupg2":{"name":"gnupg2","version":"2.0.22","release":"5.el7_5","newVersion":"2.0.22","newRelease":"5.el7_5","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"gobject-introspection":{"name":"gobject-introspection","version":"1.56.1","release":"1.el7","newVersion":"1.56.1","newRelease":"1.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"gpg-pubkey":{"name":"gpg-pubkey","version":"f4a80eb5","release":"53a7ff4b","newVersion":"f4a80eb5","newRelease":"53a7ff4b","arch":"(none)","repository":"","changelog":{"contents":"","method":""}},"gpgme":{"name":"gpgme","version":"1.3.2","release":"5.el7","newVersion":"1.3.2","newRelease":"5.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"gpm-libs":{"name":"gpm-libs","version":"1.20.7","release":"6.el7","newVersion":"1.20.7","newRelease":"6.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"grep":{"name":"grep","version":"2.20","release":"3.el7","newVersion":"2.20","newRelease":"3.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"groff-base":{"name":"groff-base","version":"1.22.2","release":"8.el7","newVersion":"1.22.2","newRelease":"8.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"grub2":{"name":"grub2","version":"1:2.02","release":"0.80.el7.centos","newVersion":"1:2.02","newRelease":"0.80.el7.centos","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"grub2-common":{"name":"grub2-common","version":"1:2.02","release":"0.80.el7.centos","newVersion":"1:2.02","newRelease":"0.80.el7.centos","arch":"noarch","repository":"","changelog":{"contents":"","method":""}},"grub2-pc":{"name":"grub2-pc","version":"1:2.02","release":"0.80.el7.centos","newVersion":"1:2.02","newRelease":"0.80.el7.centos","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"grub2-pc-modules":{"name":"grub2-pc-modules","version":"1:2.02","release":"0.80.el7.centos","newVersion":"1:2.02","newRelease":"0.80.el7.centos","arch":"noarch","repository":"","changelog":{"contents":"","method":""}},"grub2-tools":{"name":"grub2-tools","version":"1:2.02","release":"0.80.el7.centos","newVersion":"1:2.02","newRelease":"0.80.el7.centos","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"grub2-tools-extra":{"name":"grub2-tools-extra","version":"1:2.02","release":"0.80.el7.centos","newVersion":"1:2.02","newRelease":"0.80.el7.centos","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"grub2-tools-minimal":{"name":"grub2-tools-minimal","version":"1:2.02","release":"0.80.el7.centos","newVersion":"1:2.02","newRelease":"0.80.el7.centos","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"grubby":{"name":"grubby","version":"8.28","release":"26.el7","newVersion":"8.28","newRelease":"26.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"gzip":{"name":"gzip","version":"1.5","release":"10.el7","newVersion":"1.5","newRelease":"10.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"hardlink":{"name":"hardlink","version":"1:1.0","release":"19.el7","newVersion":"1:1.0","newRelease":"19.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"hostname":{"name":"hostname","version":"3.13","release":"3.el7","newVersion":"3.13","newRelease":"3.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"hwdata":{"name":"hwdata","version":"0.252","release":"9.3.el7","newVersion":"0.252","newRelease":"9.3.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"info":{"name":"info","version":"5.1","release":"5.el7","newVersion":"5.1","newRelease":"5.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"initscripts":{"name":"initscripts","version":"9.49.47","release":"1.el7","newVersion":"9.49.47","newRelease":"1.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"iproute":{"name":"iproute","version":"4.11.0","release":"25.el7","newVersion":"4.11.0","newRelease":"25.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"iprutils":{"name":"iprutils","version":"2.4.17.1","release":"2.el7","newVersion":"2.4.17.1","newRelease":"2.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"ipset":{"name":"ipset","version":"7.1","release":"1.el7","newVersion":"7.1","newRelease":"1.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"ipset-libs":{"name":"ipset-libs","version":"7.1","release":"1.el7","newVersion":"7.1","newRelease":"1.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"iptables":{"name":"iptables","version":"1.4.21","release":"33.el7","newVersion":"1.4.21","newRelease":"33.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"iputils":{"name":"iputils","version":"20160308","release":"10.el7","newVersion":"20160308","newRelease":"10.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"irqbalance":{"name":"irqbalance","version":"3:1.0.7","release":"12.el7","newVersion":"3:1.0.7","newRelease":"12.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"ivtv-firmware":{"name":"ivtv-firmware","version":"2:20080701","release":"26.el7","newVersion":"2:20080701","newRelease":"26.el7","arch":"noarch","repository":"","changelog":{"contents":"","method":""}},"iwl100-firmware":{"name":"iwl100-firmware","version":"39.31.5.1","release":"72.el7","newVersion":"39.31.5.1","newRelease":"72.el7","arch":"noarch","repository":"","changelog":{"contents":"","method":""}},"iwl1000-firmware":{"name":"iwl1000-firmware","version":"1:39.31.5.1","release":"72.el7","newVersion":"1:39.31.5.1","newRelease":"72.el7","arch":"noarch","repository":"","changelog":{"contents":"","method":""}},"iwl105-firmware":{"name":"iwl105-firmware","version":"18.168.6.1","release":"72.el7","newVersion":"18.168.6.1","newRelease":"72.el7","arch":"noarch","repository":"","changelog":{"contents":"","method":""}},"iwl135-firmware":{"name":"iwl135-firmware","version":"18.168.6.1","release":"72.el7","newVersion":"18.168.6.1","newRelease":"72.el7","arch":"noarch","repository":"","changelog":{"contents":"","method":""}},"iwl2000-firmware":{"name":"iwl2000-firmware","version":"18.168.6.1","release":"72.el7","newVersion":"18.168.6.1","newRelease":"72.el7","arch":"noarch","repository":"","changelog":{"contents":"","method":""}},"iwl2030-firmware":{"name":"iwl2030-firmware","version":"18.168.6.1","release":"72.el7","newVersion":"18.168.6.1","newRelease":"72.el7","arch":"noarch","repository":"","changelog":{"contents":"","method":""}},"iwl3160-firmware":{"name":"iwl3160-firmware","version":"22.0.7.0","release":"72.el7","newVersion":"22.0.7.0","newRelease":"72.el7","arch":"noarch","repository":"","changelog":{"contents":"","method":""}},"iwl3945-firmware":{"name":"iwl3945-firmware","version":"15.32.2.9","release":"72.el7","newVersion":"15.32.2.9","newRelease":"72.el7","arch":"noarch","repository":"","changelog":{"contents":"","method":""}},"iwl4965-firmware":{"name":"iwl4965-firmware","version":"228.61.2.24","release":"72.el7","newVersion":"228.61.2.24","newRelease":"72.el7","arch":"noarch","repository":"","changelog":{"contents":"","method":""}},"iwl5000-firmware":{"name":"iwl5000-firmware","version":"8.83.5.1_1","release":"72.el7","newVersion":"8.83.5.1_1","newRelease":"72.el7","arch":"noarch","repository":"","changelog":{"contents":"","method":""}},"iwl5150-firmware":{"name":"iwl5150-firmware","version":"8.24.2.2","release":"72.el7","newVersion":"8.24.2.2","newRelease":"72.el7","arch":"noarch","repository":"","changelog":{"contents":"","method":""}},"iwl6000-firmware":{"name":"iwl6000-firmware","version":"9.221.4.1","release":"72.el7","newVersion":"9.221.4.1","newRelease":"72.el7","arch":"noarch","repository":"","changelog":{"contents":"","method":""}},"iwl6000g2a-firmware":{"name":"iwl6000g2a-firmware","version":"17.168.5.3","release":"72.el7","newVersion":"17.168.5.3","newRelease":"72.el7","arch":"noarch","repository":"","changelog":{"contents":"","method":""}},"iwl6000g2b-firmware":{"name":"iwl6000g2b-firmware","version":"17.168.5.2","release":"72.el7","newVersion":"17.168.5.2","newRelease":"72.el7","arch":"noarch","repository":"","changelog":{"contents":"","method":""}},"iwl6050-firmware":{"name":"iwl6050-firmware","version":"41.28.5.1","release":"72.el7","newVersion":"41.28.5.1","newRelease":"72.el7","arch":"noarch","repository":"","changelog":{"contents":"","method":""}},"iwl7260-firmware":{"name":"iwl7260-firmware","version":"22.0.7.0","release":"72.el7","newVersion":"22.0.7.0","newRelease":"72.el7","arch":"noarch","repository":"","changelog":{"contents":"","method":""}},"iwl7265-firmware":{"name":"iwl7265-firmware","version":"22.0.7.0","release":"72.el7","newVersion":"22.0.7.0","newRelease":"72.el7","arch":"noarch","repository":"","changelog":{"contents":"","method":""}},"jansson":{"name":"jansson","version":"2.10","release":"1.el7","newVersion":"2.10","newRelease":"1.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"json-c":{"name":"json-c","version":"0.11","release":"4.el7_0","newVersion":"0.11","newRelease":"4.el7_0","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"kbd":{"name":"kbd","version":"1.15.5","release":"15.el7","newVersion":"1.15.5","newRelease":"15.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"kbd-legacy":{"name":"kbd-legacy","version":"1.15.5","release":"15.el7","newVersion":"1.15.5","newRelease":"15.el7","arch":"noarch","repository":"","changelog":{"contents":"","method":""}},"kbd-misc":{"name":"kbd-misc","version":"1.15.5","release":"15.el7","newVersion":"1.15.5","newRelease":"15.el7","arch":"noarch","repository":"","changelog":{"contents":"","method":""}},"kernel":{"name":"kernel","version":"3.10.0","release":"1062.el7","newVersion":"3.10.0","newRelease":"1062.1.2.el7","arch":"x86_64","repository":"updates","changelog":{"contents":"","method":""}},"kernel-tools":{"name":"kernel-tools","version":"3.10.0","release":"1062.el7","newVersion":"3.10.0","newRelease":"1062.1.2.el7","arch":"x86_64","repository":"updates","changelog":{"contents":"","method":""}},"kernel-tools-libs":{"name":"kernel-tools-libs","version":"3.10.0","release":"1062.el7","newVersion":"3.10.0","newRelease":"1062.1.2.el7","arch":"x86_64","repository":"updates","changelog":{"contents":"","method":""}},"kexec-tools":{"name":"kexec-tools","version":"2.0.15","release":"33.el7","newVersion":"2.0.15","newRelease":"33.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"keyutils-libs":{"name":"keyutils-libs","version":"1.5.8","release":"3.el7","newVersion":"1.5.8","newRelease":"3.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"kmod":{"name":"kmod","version":"20","release":"25.el7","newVersion":"20","newRelease":"25.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"kmod-libs":{"name":"kmod-libs","version":"20","release":"25.el7","newVersion":"20","newRelease":"25.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"kpartx":{"name":"kpartx","version":"0.4.9","release":"127.el7","newVersion":"0.4.9","newRelease":"127.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"krb5-libs":{"name":"krb5-libs","version":"1.15.1","release":"37.el7_6","newVersion":"1.15.1","newRelease":"37.el7_7.2","arch":"x86_64","repository":"updates","changelog":{"contents":"","method":""}},"less":{"name":"less","version":"458","release":"9.el7","newVersion":"458","newRelease":"9.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"libacl":{"name":"libacl","version":"2.2.51","release":"14.el7","newVersion":"2.2.51","newRelease":"14.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"libaio":{"name":"libaio","version":"0.3.109","release":"13.el7","newVersion":"0.3.109","newRelease":"13.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"libassuan":{"name":"libassuan","version":"2.1.0","release":"3.el7","newVersion":"2.1.0","newRelease":"3.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"libattr":{"name":"libattr","version":"2.4.46","release":"13.el7","newVersion":"2.4.46","newRelease":"13.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"libblkid":{"name":"libblkid","version":"2.23.2","release":"61.el7","newVersion":"2.23.2","newRelease":"61.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"libcap":{"name":"libcap","version":"2.22","release":"10.el7","newVersion":"2.22","newRelease":"10.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"libcap-ng":{"name":"libcap-ng","version":"0.7.5","release":"4.el7","newVersion":"0.7.5","newRelease":"4.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"libcgroup":{"name":"libcgroup","version":"0.41","release":"21.el7","newVersion":"0.41","newRelease":"21.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"libcom_err":{"name":"libcom_err","version":"1.42.9","release":"16.el7","newVersion":"1.42.9","newRelease":"16.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"libcroco":{"name":"libcroco","version":"0.6.12","release":"4.el7","newVersion":"0.6.12","newRelease":"4.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"libcurl":{"name":"libcurl","version":"7.29.0","release":"54.el7","newVersion":"7.29.0","newRelease":"54.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"libdaemon":{"name":"libdaemon","version":"0.14","release":"7.el7","newVersion":"0.14","newRelease":"7.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"libdb":{"name":"libdb","version":"5.3.21","release":"25.el7","newVersion":"5.3.21","newRelease":"25.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"libdb-utils":{"name":"libdb-utils","version":"5.3.21","release":"25.el7","newVersion":"5.3.21","newRelease":"25.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"libdrm":{"name":"libdrm","version":"2.4.97","release":"2.el7","newVersion":"2.4.97","newRelease":"2.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"libedit":{"name":"libedit","version":"3.0","release":"12.20121213cvs.el7","newVersion":"3.0","newRelease":"12.20121213cvs.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"libestr":{"name":"libestr","version":"0.1.9","release":"2.el7","newVersion":"0.1.9","newRelease":"2.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"libfastjson":{"name":"libfastjson","version":"0.99.4","release":"3.el7","newVersion":"0.99.4","newRelease":"3.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"libffi":{"name":"libffi","version":"3.0.13","release":"18.el7","newVersion":"3.0.13","newRelease":"18.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"libgcc":{"name":"libgcc","version":"4.8.5","release":"39.el7","newVersion":"4.8.5","newRelease":"39.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"libgcrypt":{"name":"libgcrypt","version":"1.5.3","release":"14.el7","newVersion":"1.5.3","newRelease":"14.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"libgomp":{"name":"libgomp","version":"4.8.5","release":"39.el7","newVersion":"4.8.5","newRelease":"39.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"libgpg-error":{"name":"libgpg-error","version":"1.12","release":"3.el7","newVersion":"1.12","newRelease":"3.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"libidn":{"name":"libidn","version":"1.28","release":"4.el7","newVersion":"1.28","newRelease":"4.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"libmnl":{"name":"libmnl","version":"1.0.3","release":"7.el7","newVersion":"1.0.3","newRelease":"7.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"libmount":{"name":"libmount","version":"2.23.2","release":"61.el7","newVersion":"2.23.2","newRelease":"61.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"libndp":{"name":"libndp","version":"1.2","release":"9.el7","newVersion":"1.2","newRelease":"9.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"libnetfilter_conntrack":{"name":"libnetfilter_conntrack","version":"1.0.6","release":"1.el7_3","newVersion":"1.0.6","newRelease":"1.el7_3","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"libnfnetlink":{"name":"libnfnetlink","version":"1.0.1","release":"4.el7","newVersion":"1.0.1","newRelease":"4.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"libnl3":{"name":"libnl3","version":"3.2.28","release":"4.el7","newVersion":"3.2.28","newRelease":"4.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"libnl3-cli":{"name":"libnl3-cli","version":"3.2.28","release":"4.el7","newVersion":"3.2.28","newRelease":"4.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"libpciaccess":{"name":"libpciaccess","version":"0.14","release":"1.el7","newVersion":"0.14","newRelease":"1.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"libpipeline":{"name":"libpipeline","version":"1.2.3","release":"3.el7","newVersion":"1.2.3","newRelease":"3.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"libpng":{"name":"libpng","version":"2:1.5.13","release":"7.el7_2","newVersion":"2:1.5.13","newRelease":"7.el7_2","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"libpwquality":{"name":"libpwquality","version":"1.2.3","release":"5.el7","newVersion":"1.2.3","newRelease":"5.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"libseccomp":{"name":"libseccomp","version":"2.3.1","release":"3.el7","newVersion":"2.3.1","newRelease":"3.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"libselinux":{"name":"libselinux","version":"2.5","release":"14.1.el7","newVersion":"2.5","newRelease":"14.1.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"libselinux-python":{"name":"libselinux-python","version":"2.5","release":"14.1.el7","newVersion":"2.5","newRelease":"14.1.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"libselinux-utils":{"name":"libselinux-utils","version":"2.5","release":"14.1.el7","newVersion":"2.5","newRelease":"14.1.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"libsemanage":{"name":"libsemanage","version":"2.5","release":"14.el7","newVersion":"2.5","newRelease":"14.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"libsemanage-python":{"name":"libsemanage-python","version":"2.5","release":"14.el7","newVersion":"2.5","newRelease":"14.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"libsepol":{"name":"libsepol","version":"2.5","release":"10.el7","newVersion":"2.5","newRelease":"10.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"libsmartcols":{"name":"libsmartcols","version":"2.23.2","release":"61.el7","newVersion":"2.23.2","newRelease":"61.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"libss":{"name":"libss","version":"1.42.9","release":"16.el7","newVersion":"1.42.9","newRelease":"16.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"libssh2":{"name":"libssh2","version":"1.8.0","release":"3.el7","newVersion":"1.8.0","newRelease":"3.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"libstdc++":{"name":"libstdc++","version":"4.8.5","release":"39.el7","newVersion":"4.8.5","newRelease":"39.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"libsysfs":{"name":"libsysfs","version":"2.1.0","release":"16.el7","newVersion":"2.1.0","newRelease":"16.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"libtasn1":{"name":"libtasn1","version":"4.10","release":"1.el7","newVersion":"4.10","newRelease":"1.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"libteam":{"name":"libteam","version":"1.27","release":"9.el7","newVersion":"1.27","newRelease":"9.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"libunistring":{"name":"libunistring","version":"0.9.3","release":"9.el7","newVersion":"0.9.3","newRelease":"9.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"libuser":{"name":"libuser","version":"0.60","release":"9.el7","newVersion":"0.60","newRelease":"9.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"libutempter":{"name":"libutempter","version":"1.1.6","release":"4.el7","newVersion":"1.1.6","newRelease":"4.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"libuuid":{"name":"libuuid","version":"2.23.2","release":"61.el7","newVersion":"2.23.2","newRelease":"61.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"libverto":{"name":"libverto","version":"0.2.5","release":"4.el7","newVersion":"0.2.5","newRelease":"4.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"libxml2":{"name":"libxml2","version":"2.9.1","release":"6.el7_2.3","newVersion":"2.9.1","newRelease":"6.el7_2.3","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"libxml2-python":{"name":"libxml2-python","version":"2.9.1","release":"6.el7_2.3","newVersion":"2.9.1","newRelease":"6.el7_2.3","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"linux-firmware":{"name":"linux-firmware","version":"20190429","release":"72.gitddde598.el7","newVersion":"20190429","newRelease":"72.gitddde598.el7","arch":"noarch","repository":"","changelog":{"contents":"","method":""}},"logrotate":{"name":"logrotate","version":"3.8.6","release":"17.el7","newVersion":"3.8.6","newRelease":"17.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"lsscsi":{"name":"lsscsi","version":"0.27","release":"6.el7","newVersion":"0.27","newRelease":"6.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"lua":{"name":"lua","version":"5.1.4","release":"15.el7","newVersion":"5.1.4","newRelease":"15.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"lvm2":{"name":"lvm2","version":"7:2.02.185","release":"2.el7","newVersion":"7:2.02.185","newRelease":"2.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"lvm2-libs":{"name":"lvm2-libs","version":"7:2.02.185","release":"2.el7","newVersion":"7:2.02.185","newRelease":"2.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"lz4":{"name":"lz4","version":"1.7.5","release":"3.el7","newVersion":"1.7.5","newRelease":"3.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"lzo":{"name":"lzo","version":"2.06","release":"8.el7","newVersion":"2.06","newRelease":"8.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"make":{"name":"make","version":"1:3.82","release":"24.el7","newVersion":"1:3.82","newRelease":"24.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"man-db":{"name":"man-db","version":"2.6.3","release":"11.el7","newVersion":"2.6.3","newRelease":"11.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"mariadb-libs":{"name":"mariadb-libs","version":"1:5.5.64","release":"1.el7","newVersion":"1:5.5.64","newRelease":"1.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"microcode_ctl":{"name":"microcode_ctl","version":"2:2.1","release":"53.el7","newVersion":"2:2.1","newRelease":"53.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"mozjs17":{"name":"mozjs17","version":"17.0.0","release":"20.el7","newVersion":"17.0.0","newRelease":"20.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"ncurses":{"name":"ncurses","version":"5.9","release":"14.20130511.el7_4","newVersion":"5.9","newRelease":"14.20130511.el7_4","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"ncurses-base":{"name":"ncurses-base","version":"5.9","release":"14.20130511.el7_4","newVersion":"5.9","newRelease":"14.20130511.el7_4","arch":"noarch","repository":"","changelog":{"contents":"","method":""}},"ncurses-libs":{"name":"ncurses-libs","version":"5.9","release":"14.20130511.el7_4","newVersion":"5.9","newRelease":"14.20130511.el7_4","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"newt":{"name":"newt","version":"0.52.15","release":"4.el7","newVersion":"0.52.15","newRelease":"4.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"newt-python":{"name":"newt-python","version":"0.52.15","release":"4.el7","newVersion":"0.52.15","newRelease":"4.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"nspr":{"name":"nspr","version":"4.21.0","release":"1.el7","newVersion":"4.21.0","newRelease":"1.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"nss":{"name":"nss","version":"3.44.0","release":"4.el7","newVersion":"3.44.0","newRelease":"4.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"nss-pem":{"name":"nss-pem","version":"1.0.3","release":"7.el7","newVersion":"1.0.3","newRelease":"7.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"nss-softokn":{"name":"nss-softokn","version":"3.44.0","release":"5.el7","newVersion":"3.44.0","newRelease":"5.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"nss-softokn-freebl":{"name":"nss-softokn-freebl","version":"3.44.0","release":"5.el7","newVersion":"3.44.0","newRelease":"5.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"nss-sysinit":{"name":"nss-sysinit","version":"3.44.0","release":"4.el7","newVersion":"3.44.0","newRelease":"4.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"nss-tools":{"name":"nss-tools","version":"3.44.0","release":"4.el7","newVersion":"3.44.0","newRelease":"4.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"nss-util":{"name":"nss-util","version":"3.44.0","release":"3.el7","newVersion":"3.44.0","newRelease":"3.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"numactl-libs":{"name":"numactl-libs","version":"2.0.12","release":"3.el7","newVersion":"2.0.12","newRelease":"3.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"openldap":{"name":"openldap","version":"2.4.44","release":"21.el7_6","newVersion":"2.4.44","newRelease":"21.el7_6","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"openssh":{"name":"openssh","version":"7.4p1","release":"21.el7","newVersion":"7.4p1","newRelease":"21.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"openssh-clients":{"name":"openssh-clients","version":"7.4p1","release":"21.el7","newVersion":"7.4p1","newRelease":"21.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"openssh-server":{"name":"openssh-server","version":"7.4p1","release":"21.el7","newVersion":"7.4p1","newRelease":"21.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"openssl":{"name":"openssl","version":"1:1.0.2k","release":"19.el7","newVersion":"1:1.0.2k","newRelease":"19.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"openssl-libs":{"name":"openssl-libs","version":"1:1.0.2k","release":"19.el7","newVersion":"1:1.0.2k","newRelease":"19.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"os-prober":{"name":"os-prober","version":"1.58","release":"9.el7","newVersion":"1.58","newRelease":"9.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"p11-kit":{"name":"p11-kit","version":"0.23.5","release":"3.el7","newVersion":"0.23.5","newRelease":"3.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"p11-kit-trust":{"name":"p11-kit-trust","version":"0.23.5","release":"3.el7","newVersion":"0.23.5","newRelease":"3.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"pam":{"name":"pam","version":"1.1.8","release":"22.el7","newVersion":"1.1.8","newRelease":"22.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"parted":{"name":"parted","version":"3.1","release":"31.el7","newVersion":"3.1","newRelease":"31.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"passwd":{"name":"passwd","version":"0.79","release":"5.el7","newVersion":"0.79","newRelease":"5.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"pciutils-libs":{"name":"pciutils-libs","version":"3.5.1","release":"3.el7","newVersion":"3.5.1","newRelease":"3.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"pcre":{"name":"pcre","version":"8.32","release":"17.el7","newVersion":"8.32","newRelease":"17.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"perl":{"name":"perl","version":"4:5.16.3","release":"294.el7_6","newVersion":"4:5.16.3","newRelease":"294.el7_6","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"perl-Carp":{"name":"perl-Carp","version":"1.26","release":"244.el7","newVersion":"1.26","newRelease":"244.el7","arch":"noarch","repository":"","changelog":{"contents":"","method":""}},"perl-Encode":{"name":"perl-Encode","version":"2.51","release":"7.el7","newVersion":"2.51","newRelease":"7.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"perl-Error":{"name":"perl-Error","version":"1:0.17020","release":"2.el7","newVersion":"1:0.17020","newRelease":"2.el7","arch":"noarch","repository":"","changelog":{"contents":"","method":""}},"perl-Exporter":{"name":"perl-Exporter","version":"5.68","release":"3.el7","newVersion":"5.68","newRelease":"3.el7","arch":"noarch","repository":"","changelog":{"contents":"","method":""}},"perl-File-Path":{"name":"perl-File-Path","version":"2.09","release":"2.el7","newVersion":"2.09","newRelease":"2.el7","arch":"noarch","repository":"","changelog":{"contents":"","method":""}},"perl-File-Temp":{"name":"perl-File-Temp","version":"0.23.01","release":"3.el7","newVersion":"0.23.01","newRelease":"3.el7","arch":"noarch","repository":"","changelog":{"contents":"","method":""}},"perl-Filter":{"name":"perl-Filter","version":"1.49","release":"3.el7","newVersion":"1.49","newRelease":"3.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"perl-Getopt-Long":{"name":"perl-Getopt-Long","version":"2.40","release":"3.el7","newVersion":"2.40","newRelease":"3.el7","arch":"noarch","repository":"","changelog":{"contents":"","method":""}},"perl-Git":{"name":"perl-Git","version":"1.8.3.1","release":"20.el7","newVersion":"1.8.3.1","newRelease":"20.el7","arch":"noarch","repository":"","changelog":{"contents":"","method":""}},"perl-HTTP-Tiny":{"name":"perl-HTTP-Tiny","version":"0.033","release":"3.el7","newVersion":"0.033","newRelease":"3.el7","arch":"noarch","repository":"","changelog":{"contents":"","method":""}},"perl-PathTools":{"name":"perl-PathTools","version":"3.40","release":"5.el7","newVersion":"3.40","newRelease":"5.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"perl-Pod-Escapes":{"name":"perl-Pod-Escapes","version":"1:1.04","release":"294.el7_6","newVersion":"1:1.04","newRelease":"294.el7_6","arch":"noarch","repository":"","changelog":{"contents":"","method":""}},"perl-Pod-Perldoc":{"name":"perl-Pod-Perldoc","version":"3.20","release":"4.el7","newVersion":"3.20","newRelease":"4.el7","arch":"noarch","repository":"","changelog":{"contents":"","method":""}},"perl-Pod-Simple":{"name":"perl-Pod-Simple","version":"1:3.28","release":"4.el7","newVersion":"1:3.28","newRelease":"4.el7","arch":"noarch","repository":"","changelog":{"contents":"","method":""}},"perl-Pod-Usage":{"name":"perl-Pod-Usage","version":"1.63","release":"3.el7","newVersion":"1.63","newRelease":"3.el7","arch":"noarch","repository":"","changelog":{"contents":"","method":""}},"perl-Scalar-List-Utils":{"name":"perl-Scalar-List-Utils","version":"1.27","release":"248.el7","newVersion":"1.27","newRelease":"248.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"perl-Socket":{"name":"perl-Socket","version":"2.010","release":"4.el7","newVersion":"2.010","newRelease":"4.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"perl-Storable":{"name":"perl-Storable","version":"2.45","release":"3.el7","newVersion":"2.45","newRelease":"3.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"perl-TermReadKey":{"name":"perl-TermReadKey","version":"2.30","release":"20.el7","newVersion":"2.30","newRelease":"20.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"perl-Text-ParseWords":{"name":"perl-Text-ParseWords","version":"3.29","release":"4.el7","newVersion":"3.29","newRelease":"4.el7","arch":"noarch","repository":"","changelog":{"contents":"","method":""}},"perl-Time-HiRes":{"name":"perl-Time-HiRes","version":"4:1.9725","release":"3.el7","newVersion":"4:1.9725","newRelease":"3.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"perl-Time-Local":{"name":"perl-Time-Local","version":"1.2300","release":"2.el7","newVersion":"1.2300","newRelease":"2.el7","arch":"noarch","repository":"","changelog":{"contents":"","method":""}},"perl-constant":{"name":"perl-constant","version":"1.27","release":"2.el7","newVersion":"1.27","newRelease":"2.el7","arch":"noarch","repository":"","changelog":{"contents":"","method":""}},"perl-libs":{"name":"perl-libs","version":"4:5.16.3","release":"294.el7_6","newVersion":"4:5.16.3","newRelease":"294.el7_6","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"perl-macros":{"name":"perl-macros","version":"4:5.16.3","release":"294.el7_6","newVersion":"4:5.16.3","newRelease":"294.el7_6","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"perl-parent":{"name":"perl-parent","version":"1:0.225","release":"244.el7","newVersion":"1:0.225","newRelease":"244.el7","arch":"noarch","repository":"","changelog":{"contents":"","method":""}},"perl-podlators":{"name":"perl-podlators","version":"2.5.1","release":"3.el7","newVersion":"2.5.1","newRelease":"3.el7","arch":"noarch","repository":"","changelog":{"contents":"","method":""}},"perl-threads":{"name":"perl-threads","version":"1.87","release":"4.el7","newVersion":"1.87","newRelease":"4.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"perl-threads-shared":{"name":"perl-threads-shared","version":"1.43","release":"6.el7","newVersion":"1.43","newRelease":"6.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"pinentry":{"name":"pinentry","version":"0.8.1","release":"17.el7","newVersion":"0.8.1","newRelease":"17.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"pkgconfig":{"name":"pkgconfig","version":"1:0.27.1","release":"4.el7","newVersion":"1:0.27.1","newRelease":"4.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"plymouth":{"name":"plymouth","version":"0.8.9","release":"0.32.20140113.el7.centos","newVersion":"0.8.9","newRelease":"0.32.20140113.el7.centos","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"plymouth-core-libs":{"name":"plymouth-core-libs","version":"0.8.9","release":"0.32.20140113.el7.centos","newVersion":"0.8.9","newRelease":"0.32.20140113.el7.centos","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"plymouth-scripts":{"name":"plymouth-scripts","version":"0.8.9","release":"0.32.20140113.el7.centos","newVersion":"0.8.9","newRelease":"0.32.20140113.el7.centos","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"policycoreutils":{"name":"policycoreutils","version":"2.5","release":"33.el7","newVersion":"2.5","newRelease":"33.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"policycoreutils-python":{"name":"policycoreutils-python","version":"2.5","release":"33.el7","newVersion":"2.5","newRelease":"33.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"polkit":{"name":"polkit","version":"0.112","release":"22.el7","newVersion":"0.112","newRelease":"22.el7_7.1","arch":"x86_64","repository":"updates","changelog":{"contents":"","method":""}},"polkit-pkla-compat":{"name":"polkit-pkla-compat","version":"0.1","release":"4.el7","newVersion":"0.1","newRelease":"4.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"popt":{"name":"popt","version":"1.13","release":"16.el7","newVersion":"1.13","newRelease":"16.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"postfix":{"name":"postfix","version":"2:2.10.1","release":"7.el7","newVersion":"2:2.10.1","newRelease":"7.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"procps-ng":{"name":"procps-ng","version":"3.3.10","release":"26.el7","newVersion":"3.3.10","newRelease":"26.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"pth":{"name":"pth","version":"2.0.7","release":"23.el7","newVersion":"2.0.7","newRelease":"23.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"pygpgme":{"name":"pygpgme","version":"0.3","release":"9.el7","newVersion":"0.3","newRelease":"9.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"pyliblzma":{"name":"pyliblzma","version":"0.5.3","release":"11.el7","newVersion":"0.5.3","newRelease":"11.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"python":{"name":"python","version":"2.7.5","release":"86.el7","newVersion":"2.7.5","newRelease":"86.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"python-IPy":{"name":"python-IPy","version":"0.75","release":"6.el7","newVersion":"0.75","newRelease":"6.el7","arch":"noarch","repository":"","changelog":{"contents":"","method":""}},"python-chardet":{"name":"python-chardet","version":"2.2.1","release":"3.el7","newVersion":"2.2.1","newRelease":"3.el7","arch":"noarch","repository":"","changelog":{"contents":"","method":""}},"python-configobj":{"name":"python-configobj","version":"4.7.2","release":"7.el7","newVersion":"4.7.2","newRelease":"7.el7","arch":"noarch","repository":"","changelog":{"contents":"","method":""}},"python-decorator":{"name":"python-decorator","version":"3.4.0","release":"3.el7","newVersion":"3.4.0","newRelease":"3.el7","arch":"noarch","repository":"","changelog":{"contents":"","method":""}},"python-firewall":{"name":"python-firewall","version":"0.6.3","release":"2.el7","newVersion":"0.6.3","newRelease":"2.el7_7.1","arch":"noarch","repository":"updates","changelog":{"contents":"","method":""}},"python-gobject-base":{"name":"python-gobject-base","version":"3.22.0","release":"1.el7_4.1","newVersion":"3.22.0","newRelease":"1.el7_4.1","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"python-iniparse":{"name":"python-iniparse","version":"0.4","release":"9.el7","newVersion":"0.4","newRelease":"9.el7","arch":"noarch","repository":"","changelog":{"contents":"","method":""}},"python-kitchen":{"name":"python-kitchen","version":"1.1.1","release":"5.el7","newVersion":"1.1.1","newRelease":"5.el7","arch":"noarch","repository":"","changelog":{"contents":"","method":""}},"python-libs":{"name":"python-libs","version":"2.7.5","release":"86.el7","newVersion":"2.7.5","newRelease":"86.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"python-linux-procfs":{"name":"python-linux-procfs","version":"0.4.11","release":"4.el7","newVersion":"0.4.11","newRelease":"4.el7","arch":"noarch","repository":"","changelog":{"contents":"","method":""}},"python-perf":{"name":"python-perf","version":"3.10.0","release":"1062.el7","newVersion":"3.10.0","newRelease":"1062.1.2.el7","arch":"x86_64","repository":"updates","changelog":{"contents":"","method":""}},"python-pycurl":{"name":"python-pycurl","version":"7.19.0","release":"19.el7","newVersion":"7.19.0","newRelease":"19.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"python-pyudev":{"name":"python-pyudev","version":"0.15","release":"9.el7","newVersion":"0.15","newRelease":"9.el7","arch":"noarch","repository":"","changelog":{"contents":"","method":""}},"python-schedutils":{"name":"python-schedutils","version":"0.4","release":"6.el7","newVersion":"0.4","newRelease":"6.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"python-slip":{"name":"python-slip","version":"0.4.0","release":"4.el7","newVersion":"0.4.0","newRelease":"4.el7","arch":"noarch","repository":"","changelog":{"contents":"","method":""}},"python-slip-dbus":{"name":"python-slip-dbus","version":"0.4.0","release":"4.el7","newVersion":"0.4.0","newRelease":"4.el7","arch":"noarch","repository":"","changelog":{"contents":"","method":""}},"python-urlgrabber":{"name":"python-urlgrabber","version":"3.10","release":"9.el7","newVersion":"3.10","newRelease":"9.el7","arch":"noarch","repository":"","changelog":{"contents":"","method":""}},"pyxattr":{"name":"pyxattr","version":"0.5.1","release":"5.el7","newVersion":"0.5.1","newRelease":"5.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"qrencode-libs":{"name":"qrencode-libs","version":"3.4.1","release":"3.el7","newVersion":"3.4.1","newRelease":"3.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"readline":{"name":"readline","version":"6.2","release":"11.el7","newVersion":"6.2","newRelease":"11.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"rootfiles":{"name":"rootfiles","version":"8.1","release":"11.el7","newVersion":"8.1","newRelease":"11.el7","arch":"noarch","repository":"","changelog":{"contents":"","method":""}},"rpm":{"name":"rpm","version":"4.11.3","release":"40.el7","newVersion":"4.11.3","newRelease":"40.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"rpm-build-libs":{"name":"rpm-build-libs","version":"4.11.3","release":"40.el7","newVersion":"4.11.3","newRelease":"40.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"rpm-libs":{"name":"rpm-libs","version":"4.11.3","release":"40.el7","newVersion":"4.11.3","newRelease":"40.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"rpm-python":{"name":"rpm-python","version":"4.11.3","release":"40.el7","newVersion":"4.11.3","newRelease":"40.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"rsync":{"name":"rsync","version":"3.1.2","release":"6.el7_6.1","newVersion":"3.1.2","newRelease":"6.el7_6.1","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"rsyslog":{"name":"rsyslog","version":"8.24.0","release":"38.el7","newVersion":"8.24.0","newRelease":"41.el7_7","arch":"x86_64","repository":"updates","changelog":{"contents":"","method":""}},"sed":{"name":"sed","version":"4.2.2","release":"5.el7","newVersion":"4.2.2","newRelease":"5.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"selinux-policy":{"name":"selinux-policy","version":"3.13.1","release":"252.el7","newVersion":"3.13.1","newRelease":"252.el7.1","arch":"noarch","repository":"updates","changelog":{"contents":"","method":""}},"selinux-policy-targeted":{"name":"selinux-policy-targeted","version":"3.13.1","release":"252.el7","newVersion":"3.13.1","newRelease":"252.el7.1","arch":"noarch","repository":"updates","changelog":{"contents":"","method":""}},"setools-libs":{"name":"setools-libs","version":"3.3.8","release":"4.el7","newVersion":"3.3.8","newRelease":"4.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"setup":{"name":"setup","version":"2.8.71","release":"10.el7","newVersion":"2.8.71","newRelease":"10.el7","arch":"noarch","repository":"","changelog":{"contents":"","method":""}},"shadow-utils":{"name":"shadow-utils","version":"2:4.6","release":"5.el7","newVersion":"2:4.6","newRelease":"5.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"shared-mime-info":{"name":"shared-mime-info","version":"1.8","release":"4.el7","newVersion":"1.8","newRelease":"4.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"slang":{"name":"slang","version":"2.2.4","release":"11.el7","newVersion":"2.2.4","newRelease":"11.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"snappy":{"name":"snappy","version":"1.1.0","release":"3.el7","newVersion":"1.1.0","newRelease":"3.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"sqlite":{"name":"sqlite","version":"3.7.17","release":"8.el7","newVersion":"3.7.17","newRelease":"8.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"sudo":{"name":"sudo","version":"1.8.23","release":"4.el7","newVersion":"1.8.23","newRelease":"4.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"systemd":{"name":"systemd","version":"219","release":"67.el7","newVersion":"219","newRelease":"67.el7_7.1","arch":"x86_64","repository":"updates","changelog":{"contents":"","method":""}},"systemd-libs":{"name":"systemd-libs","version":"219","release":"67.el7","newVersion":"219","newRelease":"67.el7_7.1","arch":"x86_64","repository":"updates","changelog":{"contents":"","method":""}},"systemd-sysv":{"name":"systemd-sysv","version":"219","release":"67.el7","newVersion":"219","newRelease":"67.el7_7.1","arch":"x86_64","repository":"updates","changelog":{"contents":"","method":""}},"sysvinit-tools":{"name":"sysvinit-tools","version":"2.88","release":"14.dsf.el7","newVersion":"2.88","newRelease":"14.dsf.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"tar":{"name":"tar","version":"2:1.26","release":"35.el7","newVersion":"2:1.26","newRelease":"35.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"tcp_wrappers-libs":{"name":"tcp_wrappers-libs","version":"7.6","release":"77.el7","newVersion":"7.6","newRelease":"77.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"teamd":{"name":"teamd","version":"1.27","release":"9.el7","newVersion":"1.27","newRelease":"9.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"tuned":{"name":"tuned","version":"2.11.0","release":"5.el7","newVersion":"2.11.0","newRelease":"5.el7_7.1","arch":"noarch","repository":"updates","changelog":{"contents":"","method":""}},"tzdata":{"name":"tzdata","version":"2019b","release":"1.el7","newVersion":"2019c","newRelease":"1.el7","arch":"noarch","repository":"updates","changelog":{"contents":"","method":""}},"ustr":{"name":"ustr","version":"1.0.4","release":"16.el7","newVersion":"1.0.4","newRelease":"16.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"util-linux":{"name":"util-linux","version":"2.23.2","release":"61.el7","newVersion":"2.23.2","newRelease":"61.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"vim-common":{"name":"vim-common","version":"2:7.4.629","release":"6.el7","newVersion":"2:7.4.629","newRelease":"6.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"vim-enhanced":{"name":"vim-enhanced","version":"2:7.4.629","release":"6.el7","newVersion":"2:7.4.629","newRelease":"6.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"vim-filesystem":{"name":"vim-filesystem","version":"2:7.4.629","release":"6.el7","newVersion":"2:7.4.629","newRelease":"6.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"vim-minimal":{"name":"vim-minimal","version":"2:7.4.629","release":"6.el7","newVersion":"2:7.4.629","newRelease":"6.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"virt-what":{"name":"virt-what","version":"1.18","release":"4.el7","newVersion":"1.18","newRelease":"4.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"which":{"name":"which","version":"2.20","release":"7.el7","newVersion":"2.20","newRelease":"7.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"wpa_supplicant":{"name":"wpa_supplicant","version":"1:2.6","release":"12.el7","newVersion":"1:2.6","newRelease":"12.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"xfsprogs":{"name":"xfsprogs","version":"4.5.0","release":"20.el7","newVersion":"4.5.0","newRelease":"20.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"xz":{"name":"xz","version":"5.2.2","release":"1.el7","newVersion":"5.2.2","newRelease":"1.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"xz-libs":{"name":"xz-libs","version":"5.2.2","release":"1.el7","newVersion":"5.2.2","newRelease":"1.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"yum":{"name":"yum","version":"3.4.3","release":"163.el7.centos","newVersion":"3.4.3","newRelease":"163.el7.centos","arch":"noarch","repository":"","changelog":{"contents":"","method":""}},"yum-metadata-parser":{"name":"yum-metadata-parser","version":"1.1.4","release":"10.el7","newVersion":"1.1.4","newRelease":"10.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}},"yum-plugin-fastestmirror":{"name":"yum-plugin-fastestmirror","version":"1.1.31","release":"52.el7","newVersion":"1.1.31","newRelease":"52.el7","arch":"noarch","repository":"","changelog":{"contents":"","method":""}},"yum-utils":{"name":"yum-utils","version":"1.1.31","release":"52.el7","newVersion":"1.1.31","newRelease":"52.el7","arch":"noarch","repository":"","changelog":{"contents":"","method":""}},"zlib":{"name":"zlib","version":"1.2.7","release":"18.el7","newVersion":"1.2.7","newRelease":"18.el7","arch":"x86_64","repository":"","changelog":{"contents":"","method":""}}},"libScanners":null,"cweDict":{"119":{"en":{"cweID":"119","name":"Improper Restriction of Operations within the Bounds of a Memory Buffer","description":"The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.","extendedDescription":""},"owaspTopTen2017":""},"120":{"en":{"cweID":"120","name":"Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')","description":"The program copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.","extendedDescription":"A buffer overflow condition exists when a program attempts to put more data in a buffer than it can hold, or when a program attempts to put data in a memory area outside of the boundaries of a buffer. The simplest type of error, and the most common cause of buffer overflows, is the 'classic' case in which the program copies the buffer without restricting how much is copied. Other variants exist, but the existence of a classic overflow strongly suggests that the programmer is not considering even the most basic of security protections."},"owaspTopTen2017":""},"122":{"en":{"cweID":"122","name":"Heap-based Buffer Overflow","description":"A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().","extendedDescription":""},"owaspTopTen2017":""},"125":{"en":{"cweID":"125","name":"Out-of-bounds Read","description":"The software reads data past the end, or before the beginning, of the intended buffer.","extendedDescription":"This typically occurs when the pointer or its index is incremented or decremented to a position beyond the bounds of the buffer or when pointer arithmetic results in a position outside of the valid memory location to name a few. This may result in corruption of sensitive information, a crash, or code execution among other things."},"owaspTopTen2017":""},"138":{"en":{"cweID":"138","name":"Improper Neutralization of Special Elements","description":"The software receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as control elements or syntactic markers when they are sent to a downstream component.","extendedDescription":"Most languages and protocols have their own special elements such as characters and reserved words. These special elements can carry control implications. If software does not prevent external control or influence over the inclusion of such special elements, the control flow of the program may be altered from what was intended. For example, both Unix and Windows interpret the symbol \u003c ('less than') as meaning 'read input from a file'."},"owaspTopTen2017":""},"17":{"en":{"cweID":"17","name":"","description":"","extendedDescription":""},"owaspTopTen2017":""},"185":{"en":{"cweID":"185","name":"Incorrect Regular Expression","description":"The software specifies a regular expression in a way that causes data to be improperly matched or compared.","extendedDescription":"When the regular expression is used in protection mechanisms such as filtering or validation, this may allow an attacker to bypass the intended restrictions on the incoming data."},"owaspTopTen2017":""},"189":{"en":{"cweID":"189","name":"","description":"","extendedDescription":""},"owaspTopTen2017":""},"19":{"en":{"cweID":"19","name":"","description":"","extendedDescription":""},"owaspTopTen2017":""},"190":{"en":{"cweID":"190","name":"Integer Overflow or Wraparound","description":"The software performs a calculation that can produce an integer overflow or wraparound, when the logic assumes that the resulting value will always be larger than the original value. This can introduce other weaknesses when the calculation is used for resource management or execution control.","extendedDescription":"An integer overflow or wraparound occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may wrap to become a very small or negative number. While this may be intended behavior in circumstances that rely on wrapping, it can have security consequences if the wrap is unexpected. This is especially the case if the integer overflow can be triggered using user-supplied inputs. This becomes security-critical when the result is used to control looping, make a security decision, or determine the offset or size in behaviors such as memory allocation, copying, concatenation, etc."},"owaspTopTen2017":""},"20":{"en":{"cweID":"20","name":"Improper Input Validation","description":"The product does not validate or incorrectly validates input that can affect the control flow or data flow of a program.","extendedDescription":"When software does not validate input properly, an attacker is able to craft the input in a form that is not expected by the rest of the application. This will lead to parts of the system receiving unintended input, which may result in altered control flow, arbitrary control of a resource, or arbitrary code execution."},"owaspTopTen2017":""},"200":{"en":{"cweID":"200","name":"Information Exposure","description":"An information exposure is the intentional or unintentional disclosure of information to an actor that is not explicitly authorized to have access to that information.","extendedDescription":""},"owaspTopTen2017":""},"250":{"en":{"cweID":"250","name":"Execution with Unnecessary Privileges","description":"The software performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses.","extendedDescription":""},"owaspTopTen2017":""},"252":{"en":{"cweID":"252","name":"Unchecked Return Value","description":"The software does not check the return value from a method or function, which can prevent it from detecting unexpected states and conditions.","extendedDescription":"Two common programmer assumptions are 'this function call can never fail' and 'it doesn't matter if this function call fails'. If an attacker can force the function to fail or otherwise return a value that is not expected, then the subsequent program logic could lead to a vulnerability, because the software is not in a state that the programmer assumes. For example, if the program calls a function to drop privileges but does not check the return code to ensure that privileges were successfully dropped, then the program will continue to operate with the higher privileges."},"owaspTopTen2017":""},"253":{"en":{"cweID":"253","name":"Incorrect Check of Function Return Value","description":"The software incorrectly checks a return value from a function, which prevents the software from detecting errors or exceptional conditions.","extendedDescription":"Important and common functions will return some value about the success of its actions. This will alert the program whether or not to handle any errors caused by that function."},"owaspTopTen2017":""},"264":{"en":{"cweID":"264","name":"","description":"","extendedDescription":""},"owaspTopTen2017":""},"267":{"en":{"cweID":"267","name":"Privilege Defined With Unsafe Actions","description":"A particular privilege, role, capability, or right can be used to perform unsafe actions that were not intended, even when it is assigned to the correct entity.","extendedDescription":""},"owaspTopTen2017":""},"275":{"en":{"cweID":"275","name":"","description":"","extendedDescription":""},"owaspTopTen2017":""},"284":{"en":{"cweID":"284","name":"Improper Access Control","description":"The software does not restrict or incorrectly restricts access to a resource from an unauthorized actor.","extendedDescription":""},"owaspTopTen2017":"5"},"285":{"en":{"cweID":"285","name":"Improper Authorization","description":"The software does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action.","extendedDescription":""},"owaspTopTen2017":"5"},"287":{"en":{"cweID":"287","name":"Improper Authentication","description":"When an actor claims to have a given identity, the software does not prove or insufficiently proves that the claim is correct.","extendedDescription":""},"owaspTopTen2017":"2"},"297":{"en":{"cweID":"297","name":"Improper Validation of Certificate with Host Mismatch","description":"The software communicates with a host that provides a certificate, but the software does not properly ensure that the certificate is actually associated with that host.","extendedDescription":""},"owaspTopTen2017":""},"310":{"en":{"cweID":"310","name":"","description":"","extendedDescription":""},"owaspTopTen2017":""},"311":{"en":{"cweID":"311","name":"Missing Encryption of Sensitive Data","description":"The software does not encrypt sensitive or critical information before storage or transmission.","extendedDescription":"The lack of proper data encryption passes up the guarantees of confidentiality, integrity, and accountability that properly implemented encryption conveys."},"owaspTopTen2017":""},"320":{"en":{"cweID":"320","name":"","description":"","extendedDescription":""},"owaspTopTen2017":""},"327":{"en":{"cweID":"327","name":"Use of a Broken or Risky Cryptographic Algorithm","description":"The use of a broken or risky cryptographic algorithm is an unnecessary risk that may result in the exposure of sensitive information.","extendedDescription":"The use of a non-standard algorithm is dangerous because a determined attacker may be able to break the algorithm and compromise whatever data has been protected. Well-known techniques may exist to break the algorithm."},"owaspTopTen2017":""},"331":{"en":{"cweID":"331","name":"Insufficient Entropy","description":"The software uses an algorithm or scheme that produces insufficient entropy, leaving patterns or clusters of values that are more likely to occur than others.","extendedDescription":""},"owaspTopTen2017":""},"358":{"en":{"cweID":"358","name":"Improperly Implemented Security Check for Standard","description":"The software does not implement or incorrectly implements one or more security-relevant checks as specified by the design of a standardized algorithm, protocol, or technique.","extendedDescription":""},"owaspTopTen2017":""},"362":{"en":{"cweID":"362","name":"Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')","description":"The program contains a code sequence that can run concurrently with other code, and the code sequence requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence that is operating concurrently.","extendedDescription":""},"owaspTopTen2017":""},"369":{"en":{"cweID":"369","name":"Divide By Zero","description":"The product divides a value by zero.","extendedDescription":"This weakness typically occurs when an unexpected value is provided to the product, or if an error occurs that is not properly detected. It frequently occurs in calculations involving physical dimensions such as size, length, width, and height."},"owaspTopTen2017":""},"385":{"en":{"cweID":"385","name":"Covert Timing Channel","description":"Covert timing channels convey information by modulating some aspect of system behavior over time, so that the program receiving the information can observe system behavior and infer protected information.","extendedDescription":""},"owaspTopTen2017":""},"388":{"en":{"cweID":"388","name":"","description":"","extendedDescription":""},"owaspTopTen2017":""},"399":{"en":{"cweID":"399","name":"","description":"","extendedDescription":""},"owaspTopTen2017":""},"400":{"en":{"cweID":"400","name":"Uncontrolled Resource Consumption ('Resource Exhaustion')","description":"The software does not properly restrict the size or amount of resources that are requested or influenced by an actor, which can be used to consume more resources than intended.","extendedDescription":""},"owaspTopTen2017":""},"415":{"en":{"cweID":"415","name":"Double Free","description":"The product calls free() twice on the same memory address, potentially leading to modification of unexpected memory locations.","extendedDescription":"When a program calls free() twice with the same argument, the program's memory management data structures become corrupted. This corruption can cause the program to crash or, in some circumstances, cause two later calls to malloc() to return the same pointer. If malloc() returns the same value twice and the program later gives the attacker control over the data that is written into this doubly-allocated memory, the program becomes vulnerable to a buffer overflow attack."},"owaspTopTen2017":""},"416":{"en":{"cweID":"416","name":"Use After Free","description":"Referencing memory after it has been freed can cause a program to crash, use unexpected values, or execute code.","extendedDescription":""},"owaspTopTen2017":""},"451":{"en":{"cweID":"451","name":"User Interface (UI) Misrepresentation of Critical Information","description":"The user interface (UI) does not properly represent critical information to the user, allowing the information - or its source - to be obscured or spoofed. This is often a component in phishing attacks.","extendedDescription":""},"owaspTopTen2017":""},"476":{"en":{"cweID":"476","name":"NULL Pointer Dereference","description":"A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit.","extendedDescription":"NULL pointer dereference issues can occur through a number of flaws, including race conditions, and simple programming omissions."},"owaspTopTen2017":""},"552":{"en":{"cweID":"552","name":"Files or Directories Accessible to External Parties","description":"Files or directories are accessible in the environment that should not be.","extendedDescription":""},"owaspTopTen2017":""},"602":{"en":{"cweID":"602","name":"Client-Side Enforcement of Server-Side Security","description":"The software is composed of a server that relies on the client to implement a mechanism that is intended to protect the server.","extendedDescription":"When the server relies on protection mechanisms placed on the client side, an attacker can modify the client-side behavior to bypass the protection mechanisms resulting in potentially unexpected interactions between the client and server. The consequences will vary, depending on what the mechanisms are trying to protect."},"owaspTopTen2017":""},"611":{"en":{"cweID":"611","name":"Improper Restriction of XML External Entity Reference ('XXE')","description":"The software processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output.","extendedDescription":""},"owaspTopTen2017":"4"},"667":{"en":{"cweID":"667","name":"Improper Locking","description":"The software does not properly acquire a lock on a resource, or it does not properly release a lock on a resource, leading to unexpected resource state changes and behaviors.","extendedDescription":""},"owaspTopTen2017":""},"706":{"en":{"cweID":"706","name":"Use of Incorrectly-Resolved Name or Reference","description":"The software uses a name or reference to access a resource, but the name/reference resolves to a resource that is outside of the intended control sphere.","extendedDescription":""},"owaspTopTen2017":""},"732":{"en":{"cweID":"732","name":"Incorrect Permission Assignment for Critical Resource","description":"The software specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.","extendedDescription":"When a resource is given a permissions setting that provides access to a wider range of actors than required, it could lead to the exposure of sensitive information, or the modification of that resource by unintended parties. This is especially dangerous when the resource is related to program configuration, execution or sensitive user data."},"owaspTopTen2017":""},"77":{"en":{"cweID":"77","name":"Improper Neutralization of Special Elements used in a Command ('Command Injection')","description":"The software constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.","extendedDescription":""},"owaspTopTen2017":"1"},"78":{"en":{"cweID":"78","name":"Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')","description":"The software constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.","extendedDescription":""},"owaspTopTen2017":""},"787":{"en":{"cweID":"787","name":"Out-of-bounds Write","description":"The software writes data past the end, or before the beginning, of the intended buffer.","extendedDescription":"This typically occurs when the pointer or its index is incremented or decremented to a position beyond the bounds of the buffer or when pointer arithmetic results in a position outside of the valid memory location to name a few. This may result in corruption of sensitive information, a crash, or code execution among other things."},"owaspTopTen2017":""},"835":{"en":{"cweID":"835","name":"Loop with Unreachable Exit Condition ('Infinite Loop')","description":"The program contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.","extendedDescription":"If the loop can be influenced by an attacker, this weakness could allow attackers to consume excessive resources such as CPU or memory."},"owaspTopTen2017":""},"94":{"en":{"cweID":"94","name":"Improper Control of Generation of Code ('Code Injection')","description":"The software constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.","extendedDescription":""},"owaspTopTen2017":""}},"config":{"scan":{"logDir":"/vuls/log","resultsDir":"/vuls/results","default":{"wordpress":{}},"servers":{"localhost":{"serverName":"localhost","user":"vrodri3","host":"10.0.2.15","port":"22","scanMode":["fast"],"wordpress":{}}},"cacheDBPath":"/vuls/cache.db","cveDict":{"Type":""},"ovalDict":{"Type":""},"gost":{"Type":""},"exploit":{"Type":""}},"report":{"lang":"en","logDir":"/vuls/log","resultsDir":"/vuls/results","default":{"wordpress":{}},"servers":{"localhost":{"serverName":"localhost","user":"vrodri3","host":"10.0.2.15","port":"22","scanMode":["fast"],"wordpress":{}}},"cveDict":{"Type":"sqlite3"},"ovalDict":{"Type":"sqlite3"},"gost":{"Type":"sqlite3"},"exploit":{"Type":"sqlite3"},"refreshCve":true,"formatJSON":true}}}