安全公告详情

NS-SA-2019-0149

2019-07-17 15:03:51

简介

important: kernel/spice-server security update

严重级别

important

主题

An update for kernel/spice-server is now available for NewStart CGSL MAIN 4.05.
NewStart Security has rated this update as having a security impact of important. A Common Vunlnerability Scoring System(CVSS)base score, which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.

详细描述

kernel: The python-perf package contains a module that permits applications written in the Python programming language to use the interface to manipulate perf events.
spice-server: The Simple Protocol for Independent Computing Environments (SPICE) is a remote display system built for virtual environments which allows you to view a computing 'desktop' environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. This package contains the runtime libraries for any application that wishes to be a SPICE server.


Security Fix(es):
kernel: It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status() which are part of snd_rawmidi_ioctl() handler in rawmidi.c file. A malicious local attacker could possibly use this for privilege escalation.(CVE-2018-10902)
kernel: bugfix
spice-server: Spice, versions 0.5.2 through 0.14.1, are vulnerable to an out-of-bounds read due to an off-by-one error in memslot_get_virt. This may lead to a denial of service, or, in the worst case, code-execution by unauthenticated attackers.(CVE-2019-3813)
spice-server: bugfix


Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
http://security.gd-linux.com/how_to_apply_patch.html
Remember the build tag is 4.05.F14.

影响组件

  • kernel
  • spice-server

影响产品

  • CGSL MAIN 4.05

更新包

{"fix":[{"product":"CGSL MAIN 4.05","pkgs":[{"binary":["kernel-2.6.32-642.13.1.el6.cgsl7780.x86_64.rpm","kernel-abi-whitelists-2.6.32-642.13.1.el6.cgsl7780.noarch.rpm","kernel-debug-2.6.32-642.13.1.el6.cgsl7780.x86_64.rpm","kernel-debug-debuginfo-2.6.32-642.13.1.el6.cgsl7780.x86_64.rpm","kernel-debug-devel-2.6.32-642.13.1.el6.cgsl7780.x86_64.rpm","kernel-debuginfo-2.6.32-642.13.1.el6.cgsl7780.x86_64.rpm","kernel-debuginfo-common-x86_64-2.6.32-642.13.1.el6.cgsl7780.x86_64.rpm","kernel-devel-2.6.32-642.13.1.el6.cgsl7780.x86_64.rpm","kernel-doc-2.6.32-642.13.1.el6.cgsl7780.noarch.rpm","kernel-firmware-2.6.32-642.13.1.el6.cgsl7780.noarch.rpm","kernel-headers-2.6.32-642.13.1.el6.cgsl7780.x86_64.rpm","perf-2.6.32-642.13.1.el6.cgsl7780.x86_64.rpm","perf-debuginfo-2.6.32-642.13.1.el6.cgsl7780.x86_64.rpm","python-perf-2.6.32-642.13.1.el6.cgsl7780.x86_64.rpm","python-perf-debuginfo-2.6.32-642.13.1.el6.cgsl7780.x86_64.rpm"],"source":"kernel-2.6.32-642.13.1.el6.cgsl7780.src.rpm"},{"binary":["spice-server-0.12.4-16.el6_10.3.x86_64.rpm","spice-server-debuginfo-0.12.4-16.el6_10.3.x86_64.rpm","spice-server-devel-0.12.4-16.el6_10.3.x86_64.rpm"],"source":"spice-server-0.12.4-16.el6_10.3.src.rpm"}]}]}

CVE

参考