Vulnerability Description
An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct kvm_coalesced_mmio' object, wherein write indices 'ring->first' and 'ring->last' value could be supplied by a host user-space process. An unprivileged host user or process with access to '/dev/kvm' device could use this flaw to crash the host kernel, resulting in a denial of service or potentially escalating privileges on the system.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | >= 2.6.27, <= 3.15.10 |
| Redhat | Virtualization Host | 4.0 |
| Redhat | Enterprise Linux | 8.0 |
| Redhat | Enterprise Linux Desktop | 6.0 |
| Redhat | Enterprise Linux Eus | 7.7 |
| Redhat | Enterprise Linux For Real Time | 7 |
| Redhat | Enterprise Linux Server | 6.0 |
| Redhat | Enterprise Linux Server Aus | 7.7 |
| Redhat | Enterprise Linux Server Tus | 7.7 |
| Redhat | Enterprise Linux Workstation | 6.0 |
| Canonical | Ubuntu Linux | 14.04 |
| Opensuse | Leap | 15.0 |
| Fedoraproject | Fedora | 29 |
| Debian | Debian Linux | 8.0 |
| Netapp | Aff A700S Firmware | - |
| Netapp | Aff A700S | - |
| Netapp | H300S Firmware | - |
| Netapp | H300S | - |
| Netapp | H500S Firmware | - |
| Netapp | H500S | - |
Related Weaknesses (CWE)
References
- http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00036.htmlMailing ListThird Party Advisory
- http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00037.htmlMailing ListThird Party Advisory
- http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSThird Party AdvisoryVDB Entry
- http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-SlackwarThird Party AdvisoryVDB Entry
- http://www.openwall.com/lists/oss-security/2019/09/20/1Mailing ListPatchThird Party Advisory
- https://access.redhat.com/errata/RHSA-2019:3309Third Party Advisory
- https://access.redhat.com/errata/RHSA-2019:3517Third Party Advisory
- https://access.redhat.com/errata/RHSA-2019:3978Third Party Advisory
- https://access.redhat.com/errata/RHSA-2019:3979Third Party Advisory
- https://access.redhat.com/errata/RHSA-2019:4154Third Party Advisory
- https://access.redhat.com/errata/RHSA-2019:4256Third Party Advisory
- https://access.redhat.com/errata/RHSA-2020:0027Third Party Advisory
- https://access.redhat.com/errata/RHSA-2020:0204Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14821Issue TrackingMitigationPatch
- https://lists.debian.org/debian-lts-announce/2019/09/msg00025.htmlMailing ListThird Party Advisory
FAQ
What is CVE-2019-14821?
CVE-2019-14821 is a vulnerability with a CVSS score of 8.8 (HIGH). An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ri...
How severe is CVE-2019-14821?
CVE-2019-14821 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-14821?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel, Redhat Virtualization Host, Redhat Enterprise Linux, Redhat Enterprise Linux Desktop, Redhat Enterprise Linux Eus.