Security
Headlines
HeadlinesLatestCVEs

Headline

RHEA-2020:2011: Red Hat Enhancement Advisory: CNV 2.3.0 Images

Container-native virtualization release 2.3.0 is now available with updates to packages and images that fix several bugs and add enhancements.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2020-1701: virt-handler: virt-handler daemonset clusterroles allows retrieval of secrets
  • CVE-2020-1742: nmstate/kubernetes-nmstate-handler: /etc/passwd is given incorrect privileges
Red Hat Security Data
#web#mac#windows#red_hat#kubernetes#vmware#auth

Issued:

2020-05-04

Updated:

2020-05-04

RHEA-2020:2011 - Product Enhancement Advisory

  • Overview
  • Updated Packages

Synopsis

CNV 2.3.0 Images

Type/Severity

Product Enhancement Advisory

Topic

Container-native virtualization release 2.3.0 is now available with updates to packages and images that fix several bugs and add enhancements.

Description

Container-native virtualization is Red Hat’s virtualization solution designed for Red Hat OpenShift Container Platform.

This advisory contains the following container-native virtualization 2.3.0 images:

RHEL-7-CNV-2.3
==============
kubevirt-ssp-operator-container-v2.3.0-42

RHEL-8-CNV-2.3
==============
hostpath-provisioner-operator-container-v2.3.0-13
kubevirt-cpu-node-labeller-container-v2.3.0-9
kubevirt-metrics-collector-container-v2.3.0-9
kubevirt-template-validator-container-v2.3.0-10
virtio-win-container-v2.3.0-8
node-maintenance-operator-container-v2.3.0-10
hostpath-provisioner-container-v2.3.0-12
kubevirt-kvm-info-nfd-plugin-container-v2.3.0-9
bridge-marker-container-v2.3.0-29
cnv-containernetworking-plugins-container-v2.3.0-30
kubemacpool-container-v2.3.0-28
kubevirt-cpu-model-nfd-plugin-container-v2.3.0-9
kubernetes-nmstate-handler-container-v2.3.0-30
ovs-cni-marker-container-v2.3.0-29
cluster-network-addons-operator-container-v2.3.0-28
ovs-cni-plugin-container-v2.3.0-28
kubevirt-v2v-conversion-container-v2.3.0-11
kubevirt-vmware-container-v2.3.0-11
virt-operator-container-v2.3.0-39
virt-controller-container-v2.3.0-39
virt-handler-container-v2.3.0-39
virt-api-container-v2.3.0-39
virt-launcher-container-v2.3.0-39
virt-cdi-cloner-container-v2.3.0-41
virt-cdi-operator-container-v2.3.0-41
virt-cdi-apiserver-container-v2.3.0-41
virt-cdi-uploadproxy-container-v2.3.0-41
virt-cdi-controller-container-v2.3.0-41
virt-cdi-importer-container-v2.3.0-41
virt-cdi-uploadserver-container-v2.3.0-41
hyperconverged-cluster-operator-container-v2.3.0-61
cnv-must-gather-container-v2.3.0-45
hco-bundle-registry-container-v2.3.0-174

Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Container Native Virtualization 2.3 for RHEL 8 x86_64

Fixes

  • BZ - 1712429 - delete project kubevirt-hyperconverged stucked in Terminating state due to kubevirt apiserver
  • BZ - 1713378 - Empty PHASE field in `oc get hco`
  • BZ - 1722850 - Inconsistency in KubeVirt components naming and abbreviation
  • BZ - 1729761 - kubevirt-ssp-operator failed to load due to authentication or permission failure
  • BZ - 1739149 - cnv-tests: import invalid-qcow-large-size.img should fail for xfs
  • BZ - 1745998 - VMs and DVs (user-data) is getting deleted during HCO uninstall
  • BZ - 1753243 - [SSP] Common templates validations - wrong value of minimal-required-memory
  • BZ - 1757784 - HCO reconciles continuously
  • BZ - 1765221 - Container-native Virtualization 2.3.0 Images
  • BZ - 1769593 - In create VM wizard, list of operating systems is out of date
  • BZ - 1769595 - virtual-machinecontroller retries DataVolume creation that can’t succeed without cleanup
  • BZ - 1770339 - UI is not displaying the expected name & documentation
  • BZ - 1781293 - KubeVirt kind hangs in Deleting state on cleanup script
  • BZ - 1781512 - kubevirt-hyperconverged package manifest should refer to operator images by digest, not tag
  • BZ - 1782241 - HCO-managed configmaps are dropped and recreated, dropping all user-provided configuration
  • BZ - 1783343 - [CNV 2.3] VMI fails to start on “Unable to set XATTR trusted.libvirt.security.dac”
  • BZ - 1789093 - Large images met timeout or EOF when uploading a qcow2 image
  • BZ - 1793603 - kubevirt-ssp-operator’s ansible-playbook fails in template validator task
  • BZ - 1794050 - hostpath-provisioner - PV doesn’t get removed after deleting DV (when attempting to run out of space)
  • BZ - 1795227 - OperatorGroup shoudn’t be created when CONTENT_ONLY variable is set
  • BZ - 1796796 - [CNV-2.3 Deployment] cluster-network-addons-operator fails to create config map
  • BZ - 1798487 - [CNV-2.3] Unable use use deploy from marketplace script - mismatch in HCO resource name
  • BZ - 1799016 - [CNV-2.3][HPP] host-path-provisioner operator fails with SIGSEGV error
  • BZ - 1799055 - CNV operator should make use of suggested namespace annotation
  • BZ - 1800714 - rhel8-tiny templates use 1Gi memory instead of 1.5Gi minimum seen in osinfo-db rhel-8 files
  • BZ - 1800792 - NodeNeworkConfigurationPolicy not applied to workers that were down during initial application of the policy
  • BZ - 1801297 - windows-10 VM memory validation is too low (0.5GiB) as seen from osinfo-db
  • BZ - 1802001 - CD-ROM does not support disk type “VirtIO”
  • BZ - 1802120 - [CNV-2.3] CDI operator is failing to complete deployment
  • BZ - 1802126 - [CNV-2.3] SSP operator is failing to finish deployment
  • BZ - 1803220 - csv-generator for hostpath-provisioner-operator creates invalid deployment spec
  • BZ - 1804102 - [cnv-2.3] Kubevirt version is v0.23.3 instead of kubevirt-0.26.0
  • BZ - 1805204 - [kubevirt-functional-tests] securityContext tests don’t account for cluster settings
  • BZ - 1805627 - VM cannot be accessed with console
  • BZ - 1806115 - nmstate: failed to create bridge on node
  • BZ - 1807572 - Prevent installation of CNV in the openshift-operators namespace
  • BZ - 1807804 - [Customer0 data migration] The storage class name that is exported from VirtualMachine.spec.dataVolumeTemplates is not changed
  • BZ - 1807820 - [Customer0 data migration] Failed to import PVC/DV/VM data
  • BZ - 1809872 - CDI operator “sometime” fails to reconcile a new CDI CR created by HCO after deletion of a previous one
  • BZ - 1810493 - Migration failed with error: ‘no connection driver available for storage:///system’
  • BZ - 1812710 - When CNV insalled the kubemacpool mutatingwebhook interferes with openshift-ovn-kubernetes ns
  • BZ - 1812856 - knmstate: Inconsistency between NNCE and NNCP status report
  • BZ - 1812970 - virt-launcher pod hit OOMKilled when dedicatedCpuPlacement set to true
  • BZ - 1813106 - CNV 2.3 hco-bundle-registry-container with v2.2.0 version info
  • BZ - 1813350 - Workaround BZ 1776236 (lstat /proc/63538/ns/ipc)
  • BZ - 1815145 - Can’t re-deploy HCO. KubevirtNodeLabellerBundle resource has no conditions
  • BZ - 1816778 - [must gather] Needs Investigation for APIversion related errors
  • BZ - 1817057 - ContainerDisk is sometimes OOMKilled on some systems
  • BZ - 1819288 - Drop ownership of kubernetes-nmstate CRDs
  • BZ - 1819700 - CLI command to trigger the upgrade contains u/s var instead of d/s

CVEs

  • CVE-2015-2716
  • CVE-2015-8035
  • CVE-2016-5131
  • CVE-2017-15412
  • CVE-2017-18258
  • CVE-2018-10360
  • CVE-2018-14404
  • CVE-2018-14567
  • CVE-2018-20852
  • CVE-2019-3820
  • CVE-2019-5436
  • CVE-2019-9924
  • CVE-2019-13734
  • CVE-2019-14814
  • CVE-2019-14815
  • CVE-2019-14816
  • CVE-2019-14818
  • CVE-2019-14895
  • CVE-2019-14898
  • CVE-2019-14901
  • CVE-2019-15030
  • CVE-2019-15031
  • CVE-2019-16056
  • CVE-2019-16865
  • CVE-2019-17666
  • CVE-2019-18408
  • CVE-2019-18634
  • CVE-2019-18660
  • CVE-2019-19338
  • CVE-2019-19527
  • CVE-2020-1701
  • CVE-2020-1712
  • CVE-2020-1733
  • CVE-2020-1735
  • CVE-2020-1737
  • CVE-2020-1739
  • CVE-2020-1740
  • CVE-2020-1742
  • CVE-2020-1746
  • CVE-2020-1753
  • CVE-2020-5312
  • CVE-2020-10531
  • CVE-2020-10684
  • CVE-2020-10685
  • CVE-2020-10691

Red Hat Container Native Virtualization 2.3 for RHEL 8

SRPM

x86_64

The Red Hat security contact is [email protected]. More contact details at https://access.redhat.com/security/team/contact/.

Related news

Ubuntu Security Notice USN-7052-1

Ubuntu Security Notice 7052-1 - It was discovered that GNOME Shell mishandled extensions that fail to reload, possibly leading to extensions staying enabled on the lock screen. An attacker could possibly use this issue to launch applications, view sensitive information, or execute arbitrary commands. It was discovered that the GNOME Shell incorrectly handled certain keyboard inputs. An attacker could possibly use this issue to invoke keyboard shortcuts, and potentially other actions while the workstation was locked.

Ubuntu Security Notice USN-6891-1

Ubuntu Security Notice 6891-1 - It was discovered that Python incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 18.04 LTS. It was discovered that Python incorrectly used regular expressions vulnerable to catastrophic backtracking. A remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS.

CVE-2023-28864: Chef Infra Server Release Notes

Progress Chef Infra Server before 15.7 allows a local attacker to exploit a /var/opt/opscode/local-mode-cache/backup world-readable temporary backup path to access sensitive information, resulting in the disclosure of all indexed node data, because OpenSearch credentials are exposed. (The data typically includes credentials for additional systems.) The attacker must wait for an admin to run the "chef-server-ctl reconfigure" command.

CVE-2022-34456: DSA-2022-267: Dell EMC Metronode VS5 Security Update for Multiple Third-Party Component Vulnerabilities

Dell EMC Metro node, Version(s) prior to 7.1, contain a Code Injection Vulnerability. An authenticated nonprivileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application.

CVE-2022-21496: Oracle Critical Patch Update Advisory - April 2022

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JNDI). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service ...

CVE-2022-21363: Oracle Critical Patch Update Advisory - January 2022

Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in takeover of MySQL Connectors. CVSS 3.1 Base Score 6.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H).

CVE-2021-21591: DSA-2021-139: Dell Unity, Dell UnityVSA, and Dell Unity XT Security Update for Multiple Vulnerabilities

Dell EMC Unity, Unity XT, and UnityVSA versions prior to 5.1.0.0.5.394 contain a plain-text password storage vulnerability. A local malicious user with high privileges may use the exposed password to gain access with the privileges of the compromised user.

CVE-2020-1742: Invalid Bug ID

An insecure modification vulnerability flaw was found in containers using nmstate/kubernetes-nmstate-handler. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges. Versions before kubernetes-nmstate-handler-container-v2.3.0-30 are affected.

CVE-2020-14354: [SECURITY] Fedora 33 Update: nodejs-14.15.1-1.fc33 - package-announce

A possible use-after-free and double-free in c-ares lib version 1.16.0 if ares_destroy() is called prior to ares_getaddrinfo() completing. This flaw possibly allows an attacker to crash the service that uses c-ares lib. The highest threat from this vulnerability is to this service availability.

CVE-2021-2154: Oracle Critical Patch Update Advisory - April 2021

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 5.7.33 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

CVE-2021-2163: Oracle Critical Patch Update Advisory - April 2021

Vulnerability in the Java SE, Java SE Embedded, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u291, 8u281, 11.0.10, 16; Java SE Embedded: 8u281; Oracle GraalVM Enterprise Edition: 19.3.5, 20.3.1.2 and 21.0.0.2. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, Oracle GraalVM Enterprise Edition. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 5.3 (Integrity impacts). CV...

CVE-2021-2119: Oracle Critical Patch Update Advisory - January 2021

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.18. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 6.0 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N).

CVE-2020-14829: Oracle Critical Patch Update Advisory - October 2020

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

CVE-2020-0298: Android 11 Security Release Notes  |  Android Open Source Project

In Bluetooth, there is a possible control over Bluetooth enabled state due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-145129266

CVE-2020-2978: Oracle Critical Patch Update Advisory - July 2020

Vulnerability in the Oracle Database - Enterprise Edition component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows high privileged attacker having DBA role account privilege with network access via Oracle Net to compromise Oracle Database - Enterprise Edition. While the vulnerability is in Oracle Database - Enterprise Edition, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Database - Enterprise Edition accessible data. CVSS 3.1 Base Score 4.1 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:N).

CVE-2020-10685: Invalid Bug ID

A flaw was found in Ansible Engine affecting Ansible Engine versions 2.7.x before 2.7.17 and 2.8.x before 2.8.11 and 2.9.x before 2.9.7 as well as Ansible Tower before and including versions 3.4.5 and 3.5.5 and 3.6.3 when using modules which decrypts vault files such as assemble, script, unarchive, win_copy, aws_s3 or copy modules. The temporary directory is created in /tmp leaves the s ts unencrypted. On Operating Systems which /tmp is not a tmpfs but part of the root partition, the directory is only cleared on boot and the decryp emains when the host is switched off. The system will be vulnerable when the system is not running. So decrypted data must be cleared as soon as possible and the data which normally is encrypted ble.

CVE-2019-14898

The fix for CVE-2019-11599 was not complete. A local user could use this flaw to obtain sensitive information, cause a denial of service, or possibly have other unspecified impacts by triggering a race condition with mmget_not_zero or get_task_mm calls.

CVE-2020-2956: Oracle Critical Patch Update Advisory - April 2020

Vulnerability in the Oracle Human Resources product of Oracle E-Business Suite (component: Hierarchy Diagrammers). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.9. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Human Resources. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Human Resources accessible data as well as unauthorized access to critical data or complete access to all Oracle Human Resources accessible data. CVSS 3.0 Base Score 8.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N).

RHSA-2020:1016: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2015-9289: A vulnerability was found in the Linux kernel’s CX24116 tv-card driver, where an out of bounds read occurs when checking userspace params in drivers/media/dvb-frontends/cx24116.c. An attacker could use this flaw to leak kernel private information to userspace. * CVE-2017-17807: The KEYS subsystem in the Linux kernel omitted an access-control check ...

CVE-2020-1712: Merge branch 'polkit-ref-count' · systemd/systemd@ea0d0ed

A heap use-after-free vulnerability was found in systemd before version v245-rc1, where asynchronous Polkit queries are performed while handling dbus messages. A local unprivileged attacker can abuse this flaw to crash systemd services or potentially execute code and elevate their privileges, by sending specially crafted dbus messages.

CVE-2020-10531: ICU-20958 Prevent SEGV_MAPERR in UnicodeString::doAppend() by FrankYFTang · Pull Request #971 · unicode-org/icu

An issue was discovered in International Components for Unicode (ICU) for C/C++ through 66.1. An integer overflow, leading to a heap-based buffer overflow, exists in the UnicodeString::doAppend() function in common/unistr.cpp.

CVE-2020-0041: Android Security Bulletin—March 2020  |  Android Open Source Project

In binder_transaction of binder.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-145988638References: Upstream kernel

CVE-2020-0003: Android Security Bulletin—January 2020  |  Android Open Source Project

In onCreate of InstallStart.java, there is a possible package validation bypass due to a time-of-check time-of-use vulnerability. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-8.0 Android ID: A-140195904

CVE-2020-5310: 6.2.2

libImaging/TiffDecode.c in Pillow before 6.2.2 has a TIFF decoding integer overflow, related to realloc.

CVE-2019-19527

In the Linux kernel before 5.2.10, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/hid/usbhid/hiddev.c driver, aka CID-9c09b214f30e.

CVE-2019-14901: Invalid Bug ID

A heap overflow flaw was found in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. The vulnerability allows a remote attacker to cause a system crash, resulting in a denial of service, or execute arbitrary code. The highest threat with this vulnerability is with the availability of the system. If code execution occurs, the code will run with the permissions of root. This will affect both confidentiality and integrity of files on the system.

CVE-2019-14895: security - Linux kernel: heap overflow in the marvell wifi driver

A heap-based buffer overflow was discovered in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. The flaw could occur when the station attempts a connection negotiation during the handling of the remote devices country settings. This could allow the remote device to cause a denial of service (system crash) or possibly execute arbitrary code.

CVE-2019-14815: Invalid Bug ID

A vulnerability was found in Linux Kernel, where a Heap Overflow was found in mwifiex_set_wmm_params() function of Marvell Wifi Driver.

CVE-2019-14818: Invalid Bug ID

A flaw was found in all dpdk version 17.x.x before 17.11.8, 16.x.x before 16.11.10, 18.x.x before 18.11.4 and 19.x.x before 19.08.1 where a malicious master, or a container with access to vhost_user socket, can send specially crafted VRING_SET_NUM messages, resulting in a memory leak including file descriptors. This flaw could lead to a denial of service condition.

CVE-2019-2999: Oracle Critical Patch Update Advisory - October 2019

Vulnerability in the Java SE product of Oracle Java SE (component: Javadoc). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data as well as unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Ja...

CVE-2019-14816: security - Linux kernel: three heap overflow in the marvell wifi driver

There is heap-based buffer overflow in kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code.

CVE-2019-14814: Invalid Bug ID

There is heap-based buffer overflow in Linux kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code.

CVE-2019-16056: Issue 34155: [CVE-2019-16056] email.utils.parseaddr mistakenly parse an email

An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email module wrongly parses email addresses that contain multiple @ characters. An application that uses the email module and implements some kind of checks on the From/To headers of a message could be tricked into accepting an email address that should be denied. An attack may be the same as in CVE-2019-11340; however, this CVE applies to Python more generally.

CVE-2014-9940: Android Security Bulletin—May 2017

The regulator_ena_gpio_free function in drivers/regulator/core.c in the Linux kernel before 3.19 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted application.

CVE-2015-2716: Buffer overflow when parsing compressed XML

Buffer overflow in the XML parser in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allows remote attackers to execute arbitrary code by providing a large amount of compressed XML data, a related issue to CVE-2015-1283.