CVE-2019-14835
CVE-2019-14835
A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host.
CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H
Affected products
Linux Kernel · Linux kernelWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.htmlhttp://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.htmlhttp://packetstormsecurity.com/files/154572/Kernel-Live-Patch-Security-Notice-LSN-0056-1.htmlhttp://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.htmlhttp://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.htmlhttps://access.redhat.com/errata/RHBA-2019:2824https://access.redhat.com/errata/RHSA-2019:2827https://access.redhat.com/errata/RHSA-2019:2828https://access.redhat.com/errata/RHSA-2019:2829https://access.redhat.com/errata/RHSA-2019:2830https://access.redhat.com/errata/RHSA-2019:2854https://access.redhat.com/errata/RHSA-2019:2862