QwikSec

Security Database

CVE

CWE

Training

CVE-2019-14835

Published: Sep 17, 2019

Modified: Aug 5, 2024

PUBLISHED

CVSS v3.0

7.2

HIGH

Description

A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host.

Vendor	Product	Versions
Linux Kernel	Linux kernel	affected `from version 2.6.34 to 5.2.x`

Weaknesses (CWE)

CVSS v3.0 Details

CVSS v3.0 Vector

CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H

Attack Vector

Local

Attack Complexity

High

Privileges Required

High

User Interaction

Required

Scope

Changed

Confidentiality

High

Integrity

High

Availability

High

References

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14835

x_refsource_CONFIRM

https://www.openwall.com/lists/oss-security/2019/09/17/1

x_refsource_MISC

vendor-advisory

x_refsource_UBUNTU

FEDORA-2019-e3010166bd

vendor-advisory

x_refsource_FEDORA

vendor-advisory

x_refsource_REDHAT

vendor-advisory

x_refsource_REDHAT

vendor-advisory

x_refsource_REDHAT

vendor-advisory

x_refsource_REDHAT

vendor-advisory

x_refsource_REDHAT

vendor-advisory

x_refsource_REDHAT

vendor-advisory

x_refsource_REDHAT

vendor-advisory

x_refsource_REDHAT

vendor-advisory

x_refsource_REDHAT

vendor-advisory

x_refsource_REDHAT

vendor-advisory

x_refsource_REDHAT

vendor-advisory

x_refsource_REDHAT

http://packetstormsecurity.com/files/154572/Kernel-Live-Patch-Security-Notice-LSN-0056-1.html

x_refsource_MISC

[oss-security] 20190924 Re: CVE-2019-14835: QEMU-KVM Guest to Host Kernel Escape Vulnerability: vhost/vhost_net kernel buffer overflow

mailing-list

x_refsource_MLIST

openSUSE-SU-2019:2173

vendor-advisory

x_refsource_SUSE

vendor-advisory

x_refsource_REDHAT

openSUSE-SU-2019:2181

vendor-advisory

x_refsource_SUSE

[debian-lts-announce] 20190925 [SECURITY] [DLA 1930-1] linux security update

mailing-list

x_refsource_MLIST

20190925 [SECURITY] [DSA 4531-1] linux security update

mailing-list

x_refsource_BUGTRAQ

vendor-advisory

x_refsource_DEBIAN

vendor-advisory

x_refsource_REDHAT

vendor-advisory

x_refsource_REDHAT

vendor-advisory

x_refsource_REDHAT

vendor-advisory

x_refsource_REDHAT

vendor-advisory

x_refsource_UBUNTU

[debian-lts-announce] 20191001 [SECURITY] [DLA 1940-1] linux-4.9 security update

mailing-list

x_refsource_MLIST

FEDORA-2019-a570a92d5a

vendor-advisory

x_refsource_FEDORA

[oss-security] 20191003 Re: CVE-2019-14835: QEMU-KVM Guest to Host Kernel Escape Vulnerability: vhost/vhost_net kernel buffer overflow

mailing-list

x_refsource_MLIST

[oss-security] 20191009 Re: CVE-2019-14835: QEMU-KVM Guest to Host Kernel Escape Vulnerability: vhost/vhost_net kernel buffer overflow

mailing-list

x_refsource_MLIST

[oss-security] 20191009 Re: CVE-2019-14835: QEMU-KVM Guest to Host Kernel Escape Vulnerability: vhost/vhost_net kernel buffer overflow

mailing-list

x_refsource_MLIST

vendor-advisory

x_refsource_REDHAT

http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html

x_refsource_MISC

https://security.netapp.com/advisory/ntap-20191031-0005/

x_refsource_CONFIRM

20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)

mailing-list

x_refsource_BUGTRAQ

http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html

x_refsource_MISC

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-qemu-en

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.