Mageia Linux Local Security Checks : Mageia: Security Advisory (MGASA-2019-0388)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.1.10.2019.0388

Categoría: Mageia Linux Local Security Checks

Título: Mageia: Security Advisory (MGASA-2019-0388)

Resumen: The remote host is missing an update for the 'kernel, kmod-virtualbox, kmod-xtables-addons, ldetect-lst, wireguard-tools, xtables-addons' package(s) announced via the MGASA-2019-0388 advisory.

Descripción: Summary:
The remote host is missing an update for the 'kernel, kmod-virtualbox, kmod-xtables-addons, ldetect-lst, wireguard-tools, xtables-addons' package(s) announced via the MGASA-2019-0388 advisory.

Vulnerability Insight:
This update provides an update to 5.4 series kernels, currently based on
upstream 5.4.2, adding support for new hardware and features, and fixing
at least the following security issue:

KVM: x86: fix out-of-bounds write in KVM_GET_EMULATED_CPUID
(CVE-2019-19332)

WireGuard has been updated to 0.0.20191205.

xtables-addons have been updated to 3.7 for kernel 5.4 support.

For other fixes and features in this update, see the referenced changelogs.

Affected Software/OS:
'kernel, kmod-virtualbox, kmod-xtables-addons, ldetect-lst, wireguard-tools, xtables-addons' package(s) on Mageia 7.

Solution:
Please install the updated package(s).

CVSS Score:
5.6

CVSS Vector:
AV:L/AC:L/Au:N/C:N/I:P/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2019-19332
USN-4254-1
https://usn.ubuntu.com/4254-1/
USN-4254-2
https://usn.ubuntu.com/4254-2/
USN-4258-1
https://usn.ubuntu.com/4258-1/
USN-4284-1
https://usn.ubuntu.com/4284-1/
USN-4287-1
https://usn.ubuntu.com/4287-1/
USN-4287-2
https://usn.ubuntu.com/4287-2/
[debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update
https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html
[debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update
https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html
http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-19332
https://lore.kernel.org/kvm/000000000000ea5ec20598d90e50%40google.com/
https://security.netapp.com/advisory/ntap-20200204-0002/
https://www.openwall.com/lists/oss-security/2019/12/16/1
openSUSE-SU-2020:0336
http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html

Copyright Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2019.0388
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2019-0388)
Resumen:	The remote host is missing an update for the 'kernel, kmod-virtualbox, kmod-xtables-addons, ldetect-lst, wireguard-tools, xtables-addons' package(s) announced via the MGASA-2019-0388 advisory.
Descripción:	Summary: The remote host is missing an update for the 'kernel, kmod-virtualbox, kmod-xtables-addons, ldetect-lst, wireguard-tools, xtables-addons' package(s) announced via the MGASA-2019-0388 advisory. Vulnerability Insight: This update provides an update to 5.4 series kernels, currently based on upstream 5.4.2, adding support for new hardware and features, and fixing at least the following security issue: KVM: x86: fix out-of-bounds write in KVM_GET_EMULATED_CPUID (CVE-2019-19332) WireGuard has been updated to 0.0.20191205. xtables-addons have been updated to 3.7 for kernel 5.4 support. For other fixes and features in this update, see the referenced changelogs. Affected Software/OS: 'kernel, kmod-virtualbox, kmod-xtables-addons, ldetect-lst, wireguard-tools, xtables-addons' package(s) on Mageia 7. Solution: Please install the updated package(s). CVSS Score: 5.6 CVSS Vector: AV:L/AC:L/Au:N/C:N/I:P/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2019-19332 USN-4254-1 https://usn.ubuntu.com/4254-1/ USN-4254-2 https://usn.ubuntu.com/4254-2/ USN-4258-1 https://usn.ubuntu.com/4258-1/ USN-4284-1 https://usn.ubuntu.com/4284-1/ USN-4287-1 https://usn.ubuntu.com/4287-1/ USN-4287-2 https://usn.ubuntu.com/4287-2/ [debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html [debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-19332 https://lore.kernel.org/kvm/000000000000ea5ec20598d90e50%40google.com/ https://security.netapp.com/advisory/ntap-20200204-0002/ https://www.openwall.com/lists/oss-security/2019/12/16/1 openSUSE-SU-2020:0336 http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html
Copyright	Copyright (C) 2022 Greenbone AG