English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.1.2.2019.1221
Category:Huawei EulerOS Local Security Checks
Title:Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1221)
Summary:The remote host is missing an update for the Huawei EulerOS 'kernel' package(s) announced via the EulerOS-SA-2019-1221 advisory.
Description:Summary:
The remote host is missing an update for the Huawei EulerOS 'kernel' package(s) announced via the EulerOS-SA-2019-1221 advisory.

Vulnerability Insight:
A new software page cache side channel attack scenario was discovered in operating systems that implement the very common 'page cache' caching mechanism. A malicious user/process could use 'in memory' page-cache knowledge to infer access timings to shared memory and gain knowledge which can be used to reduce effectiveness of cryptographic strength by monitoring algorithmic behavior, infer access patterns of memory to determine code paths taken, and exfiltrate data to a blinded attacker through page-granularity access times as a side-channel.(CVE-2019-5489)

Affected Software/OS:
'kernel' package(s) on Huawei EulerOS Virtualization 2.5.3.

Solution:
Please install the updated package(s).

CVSS Score:
2.1

CVSS Vector:
AV:L/AC:L/Au:N/C:P/I:N/A:N

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2019-5489
BugTraq ID: 106478
http://www.securityfocus.com/bid/106478
Bugtraq: 20190618 [SECURITY] [DSA 4465-1] linux security update (Google Search)
https://seclists.org/bugtraq/2019/Jun/26
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-pagecache-en
https://security.netapp.com/advisory/ntap-20190307-0001/
Debian Security Information: DSA-4465 (Google Search)
https://www.debian.org/security/2019/dsa-4465
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=574823bfab82d9d8fa47f422778043fbb4b4f50e
https://arxiv.org/abs/1901.01161
https://bugzilla.suse.com/show_bug.cgi?id=1120843
https://github.com/torvalds/linux/commit/574823bfab82d9d8fa47f422778043fbb4b4f50e
https://www.oracle.com/security-alerts/cpujul2020.html
https://www.theregister.co.uk/2019/01/05/boffins_beat_page_cache/
https://lists.debian.org/debian-lts-announce/2019/06/msg00010.html
https://lists.debian.org/debian-lts-announce/2019/06/msg00011.html
RedHat Security Advisories: RHSA-2019:2029
https://access.redhat.com/errata/RHSA-2019:2029
RedHat Security Advisories: RHSA-2019:2043
https://access.redhat.com/errata/RHSA-2019:2043
RedHat Security Advisories: RHSA-2019:2473
https://access.redhat.com/errata/RHSA-2019:2473
RedHat Security Advisories: RHSA-2019:2808
https://access.redhat.com/errata/RHSA-2019:2808
RedHat Security Advisories: RHSA-2019:2809
https://access.redhat.com/errata/RHSA-2019:2809
RedHat Security Advisories: RHSA-2019:2837
https://access.redhat.com/errata/RHSA-2019:2837
RedHat Security Advisories: RHSA-2019:3309
https://access.redhat.com/errata/RHSA-2019:3309
RedHat Security Advisories: RHSA-2019:3517
https://access.redhat.com/errata/RHSA-2019:3517
RedHat Security Advisories: RHSA-2019:3967
https://access.redhat.com/errata/RHSA-2019:3967
RedHat Security Advisories: RHSA-2019:4056
https://access.redhat.com/errata/RHSA-2019:4056
RedHat Security Advisories: RHSA-2019:4057
https://access.redhat.com/errata/RHSA-2019:4057
RedHat Security Advisories: RHSA-2019:4058
https://access.redhat.com/errata/RHSA-2019:4058
RedHat Security Advisories: RHSA-2019:4159
https://access.redhat.com/errata/RHSA-2019:4159
RedHat Security Advisories: RHSA-2019:4164
https://access.redhat.com/errata/RHSA-2019:4164
RedHat Security Advisories: RHSA-2019:4255
https://access.redhat.com/errata/RHSA-2019:4255
RedHat Security Advisories: RHSA-2020:0204
https://access.redhat.com/errata/RHSA-2020:0204
SuSE Security Announcement: openSUSE-SU-2019:1479 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00071.html
SuSE Security Announcement: openSUSE-SU-2019:1570 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00039.html
SuSE Security Announcement: openSUSE-SU-2019:1579 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00048.html
CopyrightCopyright (C) 2020 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.