CVE-2019-14821

HIGH
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct kvm_coalesced_mmio' object, wherein write indices 'ring->first' and 'ring->last' value could be supplied by a host user-space process. An unprivileged host user or process with access to '/dev/kvm' device could use this flaw to crash the host kernel, resulting in a denial of service or potentially escalating privileges on the system.

References

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14821

http://www.openwall.com/lists/oss-security/2019/09/20/1

https://lists.fedoraproject.org/archives/list/[email protected]/message/TRZQQQANZWQMPILZV7OTS3RGGRLLE2Q7/

https://www.debian.org/security/2019/dsa-4531

https://seclists.org/bugtraq/2019/Sep/41

https://lists.debian.org/debian-lts-announce/2019/09/msg00025.html

https://lists.debian.org/debian-lts-announce/2019/10/msg00000.html

https://lists.fedoraproject.org/archives/list/[email protected]/message/YW3QNMPENPFEGVTOFPSNOBL7JEIJS25P/

https://security.netapp.com/advisory/ntap-20191004-0001/

http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00037.html

http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00036.html

https://usn.ubuntu.com/4157-1/

https://usn.ubuntu.com/4157-2/

https://usn.ubuntu.com/4162-1/

https://usn.ubuntu.com/4163-1/

https://usn.ubuntu.com/4163-2/

https://usn.ubuntu.com/4162-2/

http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html

https://access.redhat.com/errata/RHSA-2019:3517

https://access.redhat.com/errata/RHSA-2019:3309

https://seclists.org/bugtraq/2019/Nov/11

http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html

https://access.redhat.com/errata/RHSA-2019:3978

https://access.redhat.com/errata/RHSA-2019:3979

https://access.redhat.com/errata/RHSA-2019:4154

https://access.redhat.com/errata/RHSA-2019:4256

https://access.redhat.com/errata/RHSA-2020:0027

https://access.redhat.com/errata/RHSA-2020:0204

https://www.oracle.com/security-alerts/cpuapr2020.html

Details

Source: MITRE

Published: 2019-09-19

Updated: 2021-06-02

Type: CWE-787

Risk Information

CVSS v2

Base Score: 7.2

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 3.9

Severity: HIGH

CVSS v3

Base Score: 8.8

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Impact Score: 6

Exploitability Score: 2

Severity: HIGH

Vulnerable Software

Configuration 1

OR

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from 2.6.27 to 3.15.10 (inclusive)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:5.4:rc1:*:*:*:*:*:*

Configuration 2

OR

cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_for_real_time:7:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_for_real_time:8:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*

Configuration 3

OR

cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*

Configuration 4

OR

cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*

cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*

Configuration 5

OR

cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*

cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*

Configuration 6

OR

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

Configuration 7

AND

OR

cpe:2.3:o:netapp:aff_a700s_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:netapp:aff_a700s:-:*:*:*:*:*:*:*

Configuration 8

AND

OR

cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*

Configuration 9

AND

OR

cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*

Configuration 10

AND

OR

cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*

Configuration 11

AND

OR

cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*

Configuration 12

AND

OR

cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*

Configuration 13

AND

OR

cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*

Configuration 14

AND

OR

cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*

Configuration 15

AND

OR

cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*

Configuration 16

AND

OR

cpe:2.3:o:netapp:h610s_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:netapp:h610s:-:*:*:*:*:*:*:*

Configuration 17

OR

cpe:2.3:a:netapp:data_availability_services:-:*:*:*:*:*:*:*

cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*

cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*

Configuration 18

OR

cpe:2.3:a:oracle:sd-wan_edge:7.3:*:*:*:*:*:*:*

cpe:2.3:a:oracle:sd-wan_edge:8.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:sd-wan_edge:8.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:sd-wan_edge:8.2:*:*:*:*:*:*:*

Tenable Plugins

View all (60 total)

IDNameProductFamilySeverity
150533SUSE SLES11 Security Update : kernel (SUSE-SU-2019:14218-1)NessusSuSE Local Security Checks
critical
145665CentOS 8 : kernel (CESA-2019:3517)NessusCentOS Local Security Checks
critical
138171RHEL 7 : kernel (RHSA-2020:2851)NessusRed Hat Local Security Checks
high
138011EulerOS Virtualization 3.0.6.0 : kvm (EulerOS-SA-2020-1792)NessusHuawei Local Security Checks
high
134735EulerOS Virtualization 3.0.2.2 : kernel (EulerOS-SA-2020-1269)NessusHuawei Local Security Checks
critical
134312NewStart CGSL MAIN 4.05 : kernel Multiple Vulnerabilities (NS-SA-2020-0021)NessusNewStart CGSL Local Security Checks
high
133463Virtuozzo 7 : readykernel-patch (VZA-2019-086)NessusVirtuozzo Local Security Checks
high
133399Virtuozzo 6 : parallels-server-bm-release / vzkernel / etc (VZA-2020-011)NessusVirtuozzo Local Security Checks
high
133221RHEL 8 : kernel (RHSA-2020:0204)NessusRed Hat Local Security Checks
critical
132925SUSE SLES12 Security Update : kernel (SUSE-SU-2020:0093-1)NessusSuSE Local Security Checks
critical
132686RHEL 7 : kpatch-patch (RHSA-2020:0027)NessusRed Hat Local Security Checks
high
132539Photon OS 2.0: Linux PHSA-2019-2.0-0189NessusPhotonOS Local Security Checks
critical
132495NewStart CGSL CORE 5.05 / MAIN 5.05 : kernel-rt Multiple Vulnerabilities (NS-SA-2019-0253)NessusNewStart CGSL Local Security Checks
high
132474NewStart CGSL CORE 5.05 / MAIN 5.05 : kernel Multiple Vulnerabilities (NS-SA-2019-0247)NessusNewStart CGSL Local Security Checks
high
132404CentOS 6 : kernel (CESA-2019:4256)NessusCentOS Local Security Checks
high
132307Scientific Linux Security Update : kernel on SL6.x i386/x86_64 (20191217)NessusScientific Linux Local Security Checks
high
132304Oracle Linux 6 : kernel (ELSA-2019-4256)NessusOracle Linux Local Security Checks
high
132233RHEL 6 : kernel (RHSA-2019:4256)NessusRed Hat Local Security Checks
high
132071SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2019:3295-1)NessusSuSE Local Security Checks
high
131979RHEL 7 : kernel-alt (RHSA-2019:4154)NessusRed Hat Local Security Checks
high
131845EulerOS 2.0 SP2 : kernel (EulerOS-SA-2019-2353)NessusHuawei Local Security Checks
critical
131833SUSE SLES12 Security Update : kernel (SUSE-SU-2019:3200-1)NessusSuSE Local Security Checks
high
131832Scientific Linux Security Update : kernel on SL7.x x86_64 (20191205)NessusScientific Linux Local Security Checks
high
131571CentOS 7 : kernel (CESA-2019:3979)NessusCentOS Local Security Checks
high
131519Oracle Linux 7 : kernel (ELSA-2019-3979)NessusOracle Linux Local Security Checks
high
131421NewStart CGSL CORE 5.04 / MAIN 5.04 : kernel-rt Multiple Vulnerabilities (NS-SA-2019-0222)NessusNewStart CGSL Local Security Checks
high
131379RHEL 7 : kernel (RHSA-2019:3979)NessusRed Hat Local Security Checks
high
131378RHEL 7 : kernel-rt (RHSA-2019:3978)NessusRed Hat Local Security Checks
high
131120SUSE SLES12 Security Update : kernel (SUSE-SU-2019:2984-1)NessusSuSE Local Security Checks
critical
130950SUSE SLES12 Security Update : kernel (SUSE-SU-2019:2950-1) (SACK Panic)NessusSuSE Local Security Checks
critical
130949SUSE SLES12 Security Update : kernel (SUSE-SU-2019:2949-1)NessusSuSE Local Security Checks
critical
130751Slackware 14.2 : Slackware 14.2 kernel (SSA:2019-311-01)NessusSlackware Local Security Checks
critical
130736EulerOS 2.0 SP3 : kernel (EulerOS-SA-2019-2274)NessusHuawei Local Security Checks
critical
130663EulerOS 2.0 SP5 : kernel (EulerOS-SA-2019-2201)NessusHuawei Local Security Checks
critical
130547RHEL 8 : kernel (RHSA-2019:3517)NessusRed Hat Local Security Checks
critical
130526RHEL 8 : kernel-rt (RHSA-2019:3309)NessusRed Hat Local Security Checks
critical
130452SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2019:2879-1)NessusSuSE Local Security Checks
high
130152Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-4163-1)NessusUbuntu Local Security Checks
critical
130151Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-4162-1)NessusUbuntu Local Security Checks
critical
130147Ubuntu 18.04 LTS : Linux kernel (HWE) vulnerabilities (USN-4157-2)NessusUbuntu Local Security Checks
critical
130120Photon OS 3.0: Linux PHSA-2019-3.0-0034NessusPhotonOS Local Security Checks
high
130089SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2019:2710-1)NessusSuSE Local Security Checks
high
130050SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2019:2706-1)NessusSuSE Local Security Checks
high
130003Ubuntu 19.04 : Linux kernel vulnerabilities (USN-4157-1)NessusUbuntu Local Security Checks
critical
129924NewStart CGSL CORE 5.04 / MAIN 5.04 : kernel Multiple Vulnerabilities (NS-SA-2019-0200)NessusNewStart CGSL Local Security Checks
high
129845SUSE SLES12 Security Update : kernel (SUSE-SU-2019:2648-1)NessusSuSE Local Security Checks
critical
129841Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2019-4820)NessusOracle Linux Local Security Checks
high
129807openSUSE Security Update : the Linux Kernel (openSUSE-2019-2308)NessusSuSE Local Security Checks
high
129806openSUSE Security Update : the Linux Kernel (openSUSE-2019-2307)NessusSuSE Local Security Checks
high
129512Fedora 29 : kernel / kernel-headers / kernel-tools (2019-a570a92d5a)NessusFedora Local Security Checks
high
129505Debian DLA-1940-1 : linux-4.9 security updateNessusDebian Local Security Checks
high
129440EulerOS 2.0 SP8 : kernel (EulerOS-SA-2019-2081)NessusHuawei Local Security Checks
critical
129407Amazon Linux AMI : kernel (ALAS-2019-1293)NessusAmazon Linux Local Security Checks
high
129392Amazon Linux 2 : kernel (ALAS-2019-1293)NessusAmazon Linux Local Security Checks
high
129361Debian DLA-1930-1 : linux security updateNessusDebian Local Security Checks
critical
129306Debian DSA-4531-1 : linux - security updateNessusDebian Local Security Checks
high
129170Fedora 30 : kernel / kernel-headers (2019-15e141c6a7)NessusFedora Local Security Checks
high
129141Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2019-4800)NessusOracle Linux Local Security Checks
high
129140Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2019-4799)NessusOracle Linux Local Security Checks
high
129137OracleVM 3.4 : Unbreakable / etc (OVMSA-2019-0044)NessusOracleVM Local Security Checks
high