Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.883135
Category:CentOS Local Security Checks
Title:CentOS Update for bpftool CESA-2019:3872 centos7
Summary:The remote host is missing an update for the 'bpftool'; package(s) announced via the CESA-2019:3872 advisory.
Description:Summary:
The remote host is missing an update for the 'bpftool'
package(s) announced via the CESA-2019:3872 advisory.

Vulnerability Insight:
The kernel packages contain the Linux kernel, the core of any Linux
operating system.

Security Fix(es):

* hw: Intel GPU blitter manipulation can allow for arbitrary kernel memory
write (CVE-2019-0155)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

1724398 - CVE-2019-0155 hw: Intel GPU blitter manipulation can allow for arbitrary kernel memory write

6. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:
kernel-3.10.0-1062.4.3.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-1062.4.3.el7.noarch.rpm
kernel-doc-3.10.0-1062.4.3.el7.noarch.rpm

x86_64:
bpftool-3.10.0-1062.4.3.el7.x86_64.rpm
bpftool-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm
kernel-3.10.0-1062.4.3.el7.x86_64.rpm
kernel-debug-3.10.0-1062.4.3.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm
kernel-debug-devel-3.10.0-1062.4.3.el7.x86_64.rpm
kernel-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-1062.4.3.el7.x86_64.rpm
kernel-devel-3.10.0-1062.4.3.el7.x86_64.rpm
kernel-headers-3.10.0-1062.4.3.el7.x86_64.rpm
kernel-tools-3.10.0-1062.4.3.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm
kernel-tools-libs-3.10.0-1062.4.3.el7.x86_64.rpm
perf-3.10.0-1062.4.3.el7.x86_64.rpm
perf-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm
python-perf-3.10.0-1062.4.3.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

x86_64:
bpftool-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm
kernel-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-1062.4.3.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-1062.4.3.el7.x86_64.rpm
perf-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm

Red Hat Enterprise Linux ComputeNode (v. 7):

Source:
kernel-3.10.0-1062.4.3.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-1062.4.3.el7.noarch.rpm
kernel-doc-3.10.0-1062.4.3.el7.noarch.rpm

x86_64:
bpftool-3.10.0-1062.4.3.el7.x86_64.rpm
bpftool- ...

Description truncated. Please see the references for more information.

Affected Software/OS:
'bpftool' package(s) on CentOS 7.

Solution:
Please install the updated package(s).

CVSS Score:
7.2

CVSS Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2019-0155
Bugtraq: 20191118 [slackware-security] Slackware 14.2 kernel (SSA:2019-320-01) (Google Search)
https://seclists.org/bugtraq/2019/Nov/26
http://packetstormsecurity.com/files/155375/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00242.html
RedHat Security Advisories: RHSA-2019:3841
https://access.redhat.com/errata/RHSA-2019:3841
RedHat Security Advisories: RHSA-2019:3887
https://access.redhat.com/errata/RHSA-2019:3887
RedHat Security Advisories: RHSA-2019:3889
https://access.redhat.com/errata/RHSA-2019:3889
RedHat Security Advisories: RHSA-2019:3908
https://access.redhat.com/errata/RHSA-2019:3908
RedHat Security Advisories: RHSA-2020:0204
https://access.redhat.com/errata/RHSA-2020:0204
https://usn.ubuntu.com/4186-2/
CopyrightCopyright (C) 2019 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2022 E-Soft Inc. All rights reserved.