
This page lists the package changes from 3.3.2* and 3.3.3* to 3.3.4, some of which were made for security reasons, along with the CVEs they address.

Upgrading to 3.3.4 is allowed from any 3.3.2.* or 3.3.3.* release. This page shows only the changes from 3.3.3.2 to 3.3.4.

| Deliverable | Name |
|---|---|
| upgrade | spectre_update-3.3.4.0.28733-20191114.tgz |



CVEs and the new package and RPM that resolves each.

| CVE | New RPM | PKG | DESCRIPTION |
|---|---|---|---|
| CVE-2018-17972 | kernel-2.6.32-754.23.1.el6.x86_64 | kernel | An issue was discovered in the proc_pid_stack function in fs/proc/base.c in the Linux kernel through 4.18.11. It does not ensure that only root may inspect the kernel stack of an arbitrary task, allowing a local attacker to exploit racy stack unwinding and leak kernel task stack contents. |
| CVE-2018-17972 | kernel-firmware-2.6.32-754.23.1.el6.noarch | kernel-firmware | An issue was discovered in the proc_pid_stack function in fs/proc/base.c in the Linux kernel through 4.18.11. It does not ensure that only root may inspect the kernel stack of an arbitrary task, allowing a local attacker to exploit racy stack unwinding and leak kernel task stack contents. |
| CVE-2018-17972 | kernel-headers-2.6.32-754.23.1.el6.x86_64 | kernel-headers | An issue was discovered in the proc_pid_stack function in fs/proc/base.c in the Linux kernel through 4.18.11. It does not ensure that only root may inspect the kernel stack of an arbitrary task, allowing a local attacker to exploit racy stack unwinding and leak kernel task stack contents. |
| CVE-2018-17972 | perf-2.6.32-754.23.1.el6.x86_64 | perf | An issue was discovered in the proc_pid_stack function in fs/proc/base.c in the Linux kernel through 4.18.11. It does not ensure that only root may inspect the kernel stack of an arbitrary task, allowing a local attacker to exploit racy stack unwinding and leak kernel task stack contents. |
| CVE-2019-1125 | kernel-2.6.32-754.23.1.el6.x86_64 | kernel | An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1071, CVE-2019-1073. |
| CVE-2019-1125 | kernel-firmware-2.6.32-754.23.1.el6.noarch | kernel-firmware | An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1071, CVE-2019-1073. |
| CVE-2019-1125 | kernel-headers-2.6.32-754.23.1.el6.x86_64 | kernel-headers | An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1071, CVE-2019-1073. |
| CVE-2019-1125 | perf-2.6.32-754.23.1.el6.x86_64 | perf | An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1071, CVE-2019-1073. |
| CVE-2019-14835 | kernel-2.6.32-754.23.1.el6.x86_64 | kernel | A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host. |
| CVE-2019-14835 | kernel-firmware-2.6.32-754.23.1.el6.noarch | kernel-firmware | A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host. |
| CVE-2019-14835 | kernel-headers-2.6.32-754.23.1.el6.x86_64 | kernel-headers | A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host. |
| CVE-2019-14835 | perf-2.6.32-754.23.1.el6.x86_64 | perf | A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host. |
| CVE-2018-9568 | kernel-2.6.32-754.23.1.el6.x86_64 | kernel | In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-113509306. References: Upstream kernel. |
| CVE-2018-9568 | kernel-firmware-2.6.32-754.23.1.el6.noarch | kernel-firmware | In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-113509306. References: Upstream kernel. |
| CVE-2018-9568 | kernel-headers-2.6.32-754.23.1.el6.x86_64 | kernel-headers | In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-113509306. References: Upstream kernel. |
| CVE-2018-9568 | perf-2.6.32-754.23.1.el6.x86_64 | perf | In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-113509306. References: Upstream kernel. |
| CVE-2019-5489 | kernel-2.6.32-754.23.1.el6.x86_64 | kernel | The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing this affects the output of the fincore program.) Limited remote exploitation may be possible, as demonstrated by latency differences in accessing public files from an Apache HTTP Server. |
| CVE-2019-5489 | kernel-firmware-2.6.32-754.23.1.el6.noarch | kernel-firmware | The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing this affects the output of the fincore program.) Limited remote exploitation may be possible, as demonstrated by latency differences in accessing public files from an Apache HTTP Server. |
| CVE-2019-5489 | kernel-headers-2.6.32-754.23.1.el6.x86_64 | kernel-headers | The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing this affects the output of the fincore program.) Limited remote exploitation may be possible, as demonstrated by latency differences in accessing public files from an Apache HTTP Server. |
| CVE-2019-5489 | perf-2.6.32-754.23.1.el6.x86_64 | perf | The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing this affects the output of the fincore program.) Limited remote exploitation may be possible, as demonstrated by latency differences in accessing public files from an Apache HTTP Server. |
| CVE-2019-11810 | kernel-2.6.32-754.23.1.el6.x86_64 | kernel | An issue was discovered in the Linux kernel before 5.0.7. A NULL pointer dereference can occur when megasas_create_frame_pool() fails in megasas_alloc_cmds() in drivers/scsi/megaraid/megaraid_sas_base.c. This causes a Denial of Service, related to a use-after-free. |
| CVE-2019-11810 | kernel-firmware-2.6.32-754.23.1.el6.noarch | kernel-firmware | An issue was discovered in the Linux kernel before 5.0.7. A NULL pointer dereference can occur when megasas_create_frame_pool() fails in megasas_alloc_cmds() in drivers/scsi/megaraid/megaraid_sas_base.c. This causes a Denial of Service, related to a use-after-free. |
| CVE-2019-11810 | kernel-headers-2.6.32-754.23.1.el6.x86_64 | kernel-headers | An issue was discovered in the Linux kernel before 5.0.7. A NULL pointer dereference can occur when megasas_create_frame_pool() fails in megasas_alloc_cmds() in drivers/scsi/megaraid/megaraid_sas_base.c. This causes a Denial of Service, related to a use-after-free. |
| CVE-2019-11810 | perf-2.6.32-754.23.1.el6.x86_64 | perf | An issue was discovered in the Linux kernel before 5.0.7. A NULL pointer dereference can occur when megasas_create_frame_pool() fails in megasas_alloc_cmds() in drivers/scsi/megaraid/megaraid_sas_base.c. This causes a Denial of Service, related to a use-after-free. |
| CVE-2019-1559 | openssl-1.0.1e-58.el6_10.x86_64 | openssl | If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC. If the application then behaves differently based on that in a way that is detectable to the remote peer, then this amounts to a padding oracle that could be used to decrypt data. In order for this to be exploitable "non-stitched" ciphersuites must be in use. Stitched ciphersuites are optimised implementations of certain commonly used ciphersuites. Also the application must call SSL_shutdown() twice even if a protocol error has occurred (applications should not do this but some do anyway). Fixed in OpenSSL 1.0.2r (Affected 1.0.2-1.0.2q). |


Packages updated for Security reasons.

| Old Package | New Package for CVE |
|---|---|
| kernel-2.6.32-754.15.3.el6.x86_64 | kernel-2.6.32-754.23.1.el6.x86_64 |
| kernel-firmware-2.6.32-754.15.3.el6.noarch | kernel-firmware-2.6.32-754.23.1.el6.noarch |
| kernel-headers-2.6.32-754.15.3.el6.x86_64 | kernel-headers-2.6.32-754.23.1.el6.x86_64 |
| libtalloc-2.0.7-2.el6.x86_64 | libtalloc-2.1.5-1.el6_7.x86_64 |
| libtevent-0.9.18-3.el6.x86_64 | libtevent-0.9.26-2.el6_7.x86_64 |
| java-1.8.0-openjdk-headless-1.8.0.201.b09-2.el6_10.x86_64 | java-1.8.0-openjdk-headless-1.8.0.232.b09-1.el6_10.x86_64 |
| openssl-1.0.1e-57.el6.x86_64 | openssl-1.0.1e-58.el6_10.x86_64 |
| perf-2.6.32-754.15.3.el6.x86_64 | perf-2.6.32-754.23.1.el6.x86_64 |


Packages updated NOT for Security reasons.

| Old Package | New Package NOT for CVE |
|---|---|
| esi-release-3.3.3.2-24979.203.x86_64 | esi-release-3.3.4.0-28733.3850.x86_64 |
| logbase-ui-3.3.3.2-20190805174712.x86_64 | logbase-ui-3.3.4.0-20191114200425.x86_64 |
| lumeta-api-3.3.3.2-24972.x86_64 | lumeta-api-3.3.4.0-28726.x86_64 |
| lumeta-api-client-3.3.3.2-13904.x86_64 | lumeta-api-client-3.3.4.0-13896.x86_64 |
| lumeta-console-3.3.3.2-19864.x86_64 | lumeta-console-3.3.4.0-28504.x86_64 |
| lumeta-diagnostics-3.3.3.2-16420.x86_64 | lumeta-diagnostics-3.3.4.0-28671.x86_64 |
| lumeta-discovery-agent-3.3.3.2-22409.x86_64 | lumeta-discovery-agent-3.3.4.0-28675.x86_64 |
| lumeta-dxl-3.3.3.2-13229.x86_64 | lumeta-dxl-3.3.4.0-13229.x86_64 |
| lumeta-install-3.3.3.2-23918.x86_64 | lumeta-install-3.3.4.0-28732.x86_64 |
| lumeta-ireg-3.3.3.2-6550.x86_64 | lumeta-ireg-3.3.4.0-6550.x86_64 |
| lumeta-lib-3.3.3.2-19864.x86_64 | lumeta-lib-3.3.4.0-28641.x86_64 |
| lumeta-pam-3.3.3.2-17315.x86_64 | lumeta-pam-3.3.4.0-18946.x86_64 |
| lumeta-ui-3.3.3.2-20637.x86_64 | lumeta-ui-3.3.4.0-28464.x86_64 |
| lumeta-webapp-3.3.3.2-13903.x86_64 | lumeta-webapp-3.3.4.0-13900.x86_64 |
| x15-backend-3.3.3.2-13982.x86_64 | x15-backend-3.3.4.0-13991.x86_64 |
| x15-clusteradmin-4.16.3-1.x86_64 | x15-clusteradmin-4.16.4-1.x86_64 |
| x15-flume-ng-plugin-4.16.3-1.x86_64 | x15-flume-ng-plugin-4.16.4-1.x86_64 |
| x15-server-4.16.3-1.x86_64 | x15-server-4.16.4-1.x86_64 |
| x15-tools-4.16.3-1.x86_64 | x15-tools-4.16.4-1.x86_64 |


New packages.

New Package NOT for CVE

cryptsetup-luks-1.2.0-11.el6.x86_64

cryptsetup-luks-libs-1.2.0-11.el6.x86_64

httpd24-apr-util-openssl-1.5.4-1.el6.x86_64

httpd24-mod_session-2.4.34-7.el6.1.x86_64

perl-JSON-2.15-5.el6.noarch

wmi-1.3.14-27.3.x86_64

