| Errata ID | 294 |
|---|---|
| Date | 2019-10-02 |
| Source package | univention-kernel-image-signed |
| Fixed in version | 5.0.0-8A~4.4.0.201909260927 |
| Description | This update addresses the following issues: * KVM: OOB memory access via mmio ring buffer (CVE-2019-14821) * vhost-net: guest to host kernel escape during migration (CVE-2019-14835) * Out of bounds memory access in parse_audio_mixer_unit in sound/usb/mixer.c (CVE-2019-15117) * Mishandling recursion in sound/usb/mixer.c leading to kernel stack exhaustion and crash (CVE-2019-15118) * Backporting error in ptrace_get_debugreg() (CVE-2019-15902) |
| Additional notes | This is the 2nd of two related updates. |
| CVE ID | CVE-2019-14821 CVE-2019-14835 CVE-2019-15117 CVE-2019-15118 CVE-2019-15902 |
| UCS Bug number | #50263 |
