RHEL 7 : kernel (RHSA-2020:0543)
critical Nessus Plugin ID 133786
Language:
Synopsis
The remote Red Hat host is missing one or more security updates.Description
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:0543 advisory.- kernel: Use-after-free in __blk_drain_queue() function in block/blk-core.c (CVE-2018-20856)
- kernel: use-after-free in fs/xfs/xfs_super.c (CVE-2018-20976)
- kernel: insufficient input validation in kernel mode driver in Intel i915 graphics leads to privilege escalation (CVE-2019-11085)
- kernel: fix race condition between mmget_not_zero()/get_task_mm() and core dumping (CVE-2019-11599)
- kernel: heap-based buffer overflow in mwifiex_process_country_ie() function in drivers/net/wireless/marvell/mwifiex/sta_ioctl.c (CVE-2019-14895)
- kernel: buffer overflow in cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c (CVE-2019-17133)
- kernel: rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel lacks a certain upper-bound check, leading to a buffer overflow (CVE-2019-17666)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Update the affected packages.See Also
https://access.redhat.com/security/cve/CVE-2019-17666
https://access.redhat.com/errata/RHSA-2020:0543
https://access.redhat.com/security/cve/CVE-2019-14895
https://bugzilla.redhat.com/1763690
https://access.redhat.com/security/cve/CVE-2018-20856
https://access.redhat.com/security/cve/CVE-2019-11599
https://bugzilla.redhat.com/1705937
https://bugzilla.redhat.com/1738705
https://access.redhat.com/security/cve/CVE-2018-20976
https://access.redhat.com/security/cve/CVE-2019-11085
https://access.redhat.com/security/cve/CVE-2019-17133
https://bugzilla.redhat.com/1710405
https://bugzilla.redhat.com/1743547
Plugin Details
Severity: Critical
ID: 133786
File Name: redhat-RHSA-2020-0543.nasl
Version: 1.9
Type: local
Agent: unix
Family: Red Hat Local Security Checks
Published: 2/19/2020
Updated: 1/23/2023
Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment
Risk Information
VPR
Risk Factor: High
Score: 7.4
CVSS v2
Risk Factor: High
Base Score: 8.3
Temporal Score: 6.5
Vector: CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C
Temporal Vector: CVSS2#E:POC/RL:OF/RC:C
CVSS Score Source: CVE-2019-17666
CVSS v3
Risk Factor: Critical
Base Score: 9.8
Temporal Score: 8.8
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C
CVSS Score Source: CVE-2019-17133
Vulnerability Information
CPE: cpe:2.3:o:redhat:rhel_eus:7.5:*:*:*:*:*:*:*, p-cpe:2.3:a:redhat:enterprise_linux:kernel:*:*:*:*:*:*:*, p-cpe:2.3:a:redhat:enterprise_linux:kernel-debug:*:*:*:*:*:*:*, p-cpe:2.3:a:redhat:enterprise_linux:kernel-debug-devel:*:*:*:*:*:*:*, p-cpe:2.3:a:redhat:enterprise_linux:kernel-devel:*:*:*:*:*:*:*, p-cpe:2.3:a:redhat:enterprise_linux:kernel-headers:*:*:*:*:*:*:*, p-cpe:2.3:a:redhat:enterprise_linux:perf:*:*:*:*:*:*:*, p-cpe:2.3:a:redhat:enterprise_linux:python-perf:*:*:*:*:*:*:*, p-cpe:2.3:a:redhat:enterprise_linux:kernel-abi-whitelists:*:*:*:*:*:*:*, p-cpe:2.3:a:redhat:enterprise_linux:kernel-kdump:*:*:*:*:*:*:*, p-cpe:2.3:a:redhat:enterprise_linux:kernel-kdump-devel:*:*:*:*:*:*:*, p-cpe:2.3:a:redhat:enterprise_linux:kernel-tools:*:*:*:*:*:*:*, p-cpe:2.3:a:redhat:enterprise_linux:kernel-tools-libs:*:*:*:*:*:*:*, p-cpe:2.3:a:redhat:enterprise_linux:kernel-tools-libs-devel:*:*:*:*:*:*:*, p-cpe:2.3:a:redhat:enterprise_linux:kernel-bootwrapper:*:*:*:*:*:*:*
Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 2/19/2020
Vulnerability Publication Date: 10/3/2018
Reference Information
CVE: CVE-2018-20856, CVE-2019-11085, CVE-2019-11599, CVE-2018-20976, CVE-2019-17133, CVE-2019-17666, CVE-2019-14895