Page tree
Skip to end of metadata
Go to start of metadata

Package changes from 3.3.3x and 3.3.4x to 3.3.5 are itemized here. Some for changed for security reasons and in response to CVEs.

Upgrade to 3.3.5 is allowed from the last 2 microreleases: 3.3.3.2 and 3.3.4.   This page shows only the changes from 3.3.4 to 3.3.5.


Deliverable

Name

upgradespectre_update-3.3.5.0.30523-20200407.tgz


CVEs and the new package and RPM that resolves each.

CVE

New RPM

PKG

DESCRIPTION

CVE-2018-15473

openssh-5.3p1-124.el6_10.x86_64

openssh

OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.

CVE-2018-15473

openssh-clients-5.3p1-124.el6_10.x86_64

openssh-clients

OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.

CVE-2018-15473

openssh-server-5.3p1-124.el6_10.x86_64

openssh-server

OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.

CVE-2019-11135

kernel-2.6.32-754.28.1.el6.x86_64

kernel

TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.

CVE-2019-11135

kernel-firmware-2.6.32-754.28.1.el6.noarch

kernel-firmware

TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.

CVE-2019-11135

kernel-headers-2.6.32-754.28.1.el6.x86_64

kernel-headers

TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.

CVE-2019-11135

perf-2.6.32-754.28.1.el6.x86_64

perf

TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.

CVE-2019-14821

kernel-2.6.32-754.28.1.el6.x86_64

kernel

An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct kvm_coalesced_mmio' object, wherein write indices 'ring->first' and 'ring->last' value could be supplied by a host user-space process. An unprivileged host user or process with access to '/dev/kvm' device could use this flaw to crash the host kernel, resulting in a denial of service or potentially escalating privileges on the system.

CVE-2019-14821

kernel-firmware-2.6.32-754.28.1.el6.noarch

kernel-firmware

An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct kvm_coalesced_mmio' object, wherein write indices 'ring->first' and 'ring->last' value could be supplied by a host user-space process. An unprivileged host user or process with access to '/dev/kvm' device could use this flaw to crash the host kernel, resulting in a denial of service or potentially escalating privileges on the system.

CVE-2019-14821

kernel-headers-2.6.32-754.28.1.el6.x86_64

kernel-headers

An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct kvm_coalesced_mmio' object, wherein write indices 'ring->first' and 'ring->last' value could be supplied by a host user-space process. An unprivileged host user or process with access to '/dev/kvm' device could use this flaw to crash the host kernel, resulting in a denial of service or potentially escalating privileges on the system.

CVE-2019-14821

perf-2.6.32-754.28.1.el6.x86_64

perf

An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct kvm_coalesced_mmio' object, wherein write indices 'ring->first' and 'ring->last' value could be supplied by a host user-space process. An unprivileged host user or process with access to '/dev/kvm' device could use this flaw to crash the host kernel, resulting in a denial of service or potentially escalating privileges on the system.

CVE-2019-17133

kernel-2.6.32-754.28.1.el6.x86_64

kernel

In the Linux kernel through 5.3.2, cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c does not reject a long SSID IE, leading to a Buffer Overflow.

CVE-2019-17133

kernel-firmware-2.6.32-754.28.1.el6.noarch

kernel-firmware

In the Linux kernel through 5.3.2, cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c does not reject a long SSID IE, leading to a Buffer Overflow.

CVE-2019-17133

kernel-headers-2.6.32-754.28.1.el6.x86_64

kernel-headers

In the Linux kernel through 5.3.2, cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c does not reject a long SSID IE, leading to a Buffer Overflow.

CVE-2019-17133

perf-2.6.32-754.28.1.el6.x86_64

perf

In the Linux kernel through 5.3.2, cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c does not reject a long SSID IE, leading to a Buffer Overflow.

CVE-2019-0155

kernel-2.6.32-754.28.1.el6.x86_64

kernel

Insufficient access control in a subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and Gold Series; Intel(R) Celeron(R) Processor J, N, G3900 and G4900 Series; Intel(R) Atom(R) Processor A and E3900 Series; Intel(R) Xeon(R) Processor E3-1500 v5 and v6, E-2100 and E-2200 Processor Families; Intel(R) Graphics Driver for Windows before 26.20.100.6813 (DCH) or 26.20.100.6812 and before 21.20.x.5077 (aka15.45.5077), i915 Linux Driver for Intel(R) Processor Graphics before versions 5.4-rc7, 5.3.11, 4.19.84, 4.14.154, 4.9.201, 4.4.201 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE-2019-0155

kernel-firmware-2.6.32-754.28.1.el6.noarch

kernel-firmware

Insufficient access control in a subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and Gold Series; Intel(R) Celeron(R) Processor J, N, G3900 and G4900 Series; Intel(R) Atom(R) Processor A and E3900 Series; Intel(R) Xeon(R) Processor E3-1500 v5 and v6, E-2100 and E-2200 Processor Families; Intel(R) Graphics Driver for Windows before 26.20.100.6813 (DCH) or 26.20.100.6812 and before 21.20.x.5077 (aka15.45.5077), i915 Linux Driver for Intel(R) Processor Graphics before versions 5.4-rc7, 5.3.11, 4.19.84, 4.14.154, 4.9.201, 4.4.201 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE-2019-0155

kernel-headers-2.6.32-754.28.1.el6.x86_64

kernel-headers

Insufficient access control in a subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and Gold Series; Intel(R) Celeron(R) Processor J, N, G3900 and G4900 Series; Intel(R) Atom(R) Processor A and E3900 Series; Intel(R) Xeon(R) Processor E3-1500 v5 and v6, E-2100 and E-2200 Processor Families; Intel(R) Graphics Driver for Windows before 26.20.100.6813 (DCH) or 26.20.100.6812 and before 21.20.x.5077 (aka15.45.5077), i915 Linux Driver for Intel(R) Processor Graphics before versions 5.4-rc7, 5.3.11, 4.19.84, 4.14.154, 4.9.201, 4.4.201 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE-2019-0155

perf-2.6.32-754.28.1.el6.x86_64

perf

Insufficient access control in a subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and Gold Series; Intel(R) Celeron(R) Processor J, N, G3900 and G4900 Series; Intel(R) Atom(R) Processor A and E3900 Series; Intel(R) Xeon(R) Processor E3-1500 v5 and v6, E-2100 and E-2200 Processor Families; Intel(R) Graphics Driver for Windows before 26.20.100.6813 (DCH) or 26.20.100.6812 and before 21.20.x.5077 (aka15.45.5077), i915 Linux Driver for Intel(R) Processor Graphics before versions 5.4-rc7, 5.3.11, 4.19.84, 4.14.154, 4.9.201, 4.4.201 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE-2019-17055

kernel-2.6.32-754.28.1.el6.x86_64

kernel

base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-b91ee4aa2a21.

CVE-2019-17055

kernel-firmware-2.6.32-754.28.1.el6.noarch

kernel-firmware

base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-b91ee4aa2a21.

CVE-2019-17055

kernel-headers-2.6.32-754.28.1.el6.x86_64

kernel-headers

base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-b91ee4aa2a21.

CVE-2019-17055

perf-2.6.32-754.28.1.el6.x86_64

perf

base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-b91ee4aa2a21.

CVE-2019-0154

kernel-2.6.32-754.28.1.el6.x86_64

kernel

Insufficient access control in subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and Gold Series; Intel(R) Celeron(R) Processor J, N, G3900 and G4900 Series; Intel(R) Atom(R) Processor A and E3900 Series; Intel(R) Xeon(R) Processor E3-1500 v5 and v6 and E-2100 Processor Families may allow an authenticated user to potentially enable denial of service via local access.

CVE-2019-0154

kernel-firmware-2.6.32-754.28.1.el6.noarch

kernel-firmware

Insufficient access control in subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and Gold Series; Intel(R) Celeron(R) Processor J, N, G3900 and G4900 Series; Intel(R) Atom(R) Processor A and E3900 Series; Intel(R) Xeon(R) Processor E3-1500 v5 and v6 and E-2100 Processor Families may allow an authenticated user to potentially enable denial of service via local access.

CVE-2019-0154

kernel-headers-2.6.32-754.28.1.el6.x86_64

kernel-headers

Insufficient access control in subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and Gold Series; Intel(R) Celeron(R) Processor J, N, G3900 and G4900 Series; Intel(R) Atom(R) Processor A and E3900 Series; Intel(R) Xeon(R) Processor E3-1500 v5 and v6 and E-2100 Processor Families may allow an authenticated user to potentially enable denial of service via local access.

CVE-2019-0154

perf-2.6.32-754.28.1.el6.x86_64

perf

Insufficient access control in subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and Gold Series; Intel(R) Celeron(R) Processor J, N, G3900 and G4900 Series; Intel(R) Atom(R) Processor A and E3900 Series; Intel(R) Xeon(R) Processor E3-1500 v5 and v6 and E-2100 Processor Families may allow an authenticated user to potentially enable denial of service via local access.

CVE-2018-12207

kernel-2.6.32-754.28.1.el6.x86_64

kernel

Improper invalidation for page table updates by a virtual guest operating system for multiple Intel(R) Processors may allow an authenticated user to potentially enable denial of service of the host system via local access.

CVE-2018-12207

kernel-firmware-2.6.32-754.28.1.el6.noarch

kernel-firmware

Improper invalidation for page table updates by a virtual guest operating system for multiple Intel(R) Processors may allow an authenticated user to potentially enable denial of service of the host system via local access.

CVE-2018-12207

kernel-headers-2.6.32-754.28.1.el6.x86_64

kernel-headers

Improper invalidation for page table updates by a virtual guest operating system for multiple Intel(R) Processors may allow an authenticated user to potentially enable denial of service of the host system via local access.

CVE-2018-12207

perf-2.6.32-754.28.1.el6.x86_64

perf

Improper invalidation for page table updates by a virtual guest operating system for multiple Intel(R) Processors may allow an authenticated user to potentially enable denial of service of the host system via local access.

CVE-2019-18634

sudo-1.8.6p3-29.el6_10.3.x86_64

sudo

In Sudo before 1.8.26, if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the privileged sudo process. (pwfeedback is a default setting in Linux Mint and elementary OS; however, it is NOT the default for upstream and many other packages, and would exist only if enabled by an administrator.) The attacker needs to deliver a long string to the stdin of getln() in tgetpass.c.

CVE-2019-14287

sudo-1.8.6p3-29.el6_10.3.x86_64

sudo

In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a crafted user ID. For example, this allows bypass of !root configuration, and USER= logging, for a "sudo -u #$((0xffffffff))" command.


Packages updated for Security reasons.

Old Package

New Package for CVE

java-1.8.0-openjdk-headless-1.8.0.232.b09-1.el6_10.x86_64

java-1.8.0-openjdk-headless-1.8.0.242.b07-1.el6_10.x86_64

kernel-2.6.32-754.23.1.el6.x86_64

kernel-2.6.32-754.28.1.el6.x86_64

kernel-firmware-2.6.32-754.23.1.el6.noarch

kernel-firmware-2.6.32-754.28.1.el6.noarch

kernel-headers-2.6.32-754.23.1.el6.x86_64

kernel-headers-2.6.32-754.28.1.el6.x86_64

nspr-4.19.0-1.el6.x86_64

nspr-4.21.0-1.el6_10.x86_64

nss-3.36.0-9.el6_10.x86_64

nss-3.44.0-7.el6_10.x86_64

nss-softokn-3.14.3-23.3.el6_8.x86_64

nss-softokn-3.44.0-6.el6_10.x86_64

nss-softokn-freebl-3.14.3-23.3.el6_8.x86_64

nss-softokn-freebl-3.44.0-6.el6_10.x86_64

nss-sysinit-3.36.0-9.el6_10.x86_64

nss-sysinit-3.44.0-7.el6_10.x86_64

nss-tools-3.36.0-9.el6_10.x86_64

nss-tools-3.44.0-7.el6_10.x86_64

nss-util-3.36.0-1.el6.x86_64

nss-util-3.44.0-1.el6_10.x86_64

openssh-5.3p1-123.el6_9.x86_64

openssh-5.3p1-124.el6_10.x86_64

openssh-clients-5.3p1-123.el6_9.x86_64

openssh-clients-5.3p1-124.el6_10.x86_64

openssh-server-5.3p1-123.el6_9.x86_64

openssh-server-5.3p1-124.el6_10.x86_64

perf-2.6.32-754.23.1.el6.x86_64

perf-2.6.32-754.28.1.el6.x86_64

sudo-1.8.6p3-29.el6_9.x86_64

sudo-1.8.6p3-29.el6_10.3.x86_64


Packages updated NOT for Security reasons.

Old Package

New Package NOT for CVE

Old Package

New Package NOT for CVE

esi-release-3.3.4.0-28733.3850.x86_64

esi-release-3.3.5.0-30536.4285.x86_64

logbase-ui-3.3.4.0-20191114200425.x86_64

logbase-ui-3.3.5.0-20200409092507.x86_64

lumeta-api-3.3.4.0-28726.x86_64

lumeta-api-3.3.5.0-30535.x86_64

lumeta-api-client-3.3.4.0-13896.x86_64

lumeta-api-client-3.3.5.0-29193.x86_64

lumeta-cisco-ise-pxgrid-3.3.3.0-12060.x86_64

lumeta-cisco-ise-pxgrid-3.3.4.1-26411.x86_64

lumeta-console-3.3.4.0-28504.x86_64

lumeta-console-3.3.5.0-30234.x86_64

lumeta-diagnostics-3.3.4.0-28671.x86_64

lumeta-diagnostics-3.3.5.0-30488.x86_64

lumeta-discovery-agent-3.3.4.0-28675.x86_64

lumeta-discovery-agent-3.3.5.0-30519.x86_64

lumeta-dxl-3.3.4.0-13229.x86_64

lumeta-dxl-3.3.5.0-13229.x86_64

lumeta-install-3.3.4.0-28732.x86_64

lumeta-install-3.3.5.0-30460.x86_64

lumeta-ips-import-3.3.3.0-6550.x86_64

lumeta-ips-import-3.3.4.1-6550.x86_64

lumeta-ireg-3.3.4.0-6550.x86_64

lumeta-ireg-3.3.5.0-6550.x86_64

lumeta-jaas-3.3.3.0-13398.x86_64

lumeta-jaas-3.3.5.0-13398.x86_64

lumeta-lib-3.3.4.0-28641.x86_64

lumeta-lib-3.3.5.0-29992.x86_64

lumeta-pam-3.3.4.0-18946.x86_64

lumeta-pam-3.3.5.0-30422.x86_64

lumeta-tfa-3.3.3.0-10659.x86_64

lumeta-tfa-3.3.4.1-10659.x86_64

lumeta-tools-3.3.3.0-10695.x86_64

lumeta-tools-3.3.4.1-10695.x86_64

lumeta-ui-3.3.4.0-28464.x86_64

lumeta-ui-3.3.5.0-30195.x86_64

lumeta-visio-3.3.3.0-12259.x86_64

lumeta-visio-3.3.4.1-12259.x86_64

lumeta-webapp-3.3.4.0-13900.x86_64

lumeta-webapp-3.3.4.1-13900.x86_64

rawio-3.3.3.0-8288.x86_64

rawio-3.3.4.1-8288.x86_64

x15-backend-3.3.4.0-13991.x86_64

x15-backend-3.3.4.1-13991.x86_64

New packages.

  • No labels