Vulnerability Change Records for CVE-2019-18660

Change History

CVE Modified by MITRE 11/27/2019 8:15:10 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://www.openwall.com/lists/oss-security/2019/11/27/1 [No Types Assigned]

CVE Modified by MITRE 1/07/2020 6:15:11 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://usn.ubuntu.com/4227-2/ [No Types Assigned]

CVE Modified by MITRE 1/23/2020 1:15:13 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://usn.ubuntu.com/4225-2/ [No Types Assigned]

CVE Modified by MITRE 12/12/2019 11:15:13 AM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html [No Types Assigned]

CVE Modified by MITRE 1/21/2020 3:15:13 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://access.redhat.com/errata/RHSA-2020:0174 [No Types Assigned]

CVE Modified by MITRE 1/07/2020 5:15:12 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://usn.ubuntu.com/4225-1/ [No Types Assigned]
Added Reference

								
							
							
						
https://usn.ubuntu.com/4226-1/ [No Types Assigned]
Added Reference

								
							
							
						
https://usn.ubuntu.com/4228-2/ [No Types Assigned]

CVE Modified by MITRE 1/07/2020 1:15:14 AM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://usn.ubuntu.com/4227-1/ [No Types Assigned]
Added Reference

								
							
							
						
https://usn.ubuntu.com/4228-1/ [No Types Assigned]

Initial Analysis 12/10/2019 10:33:22 AM

Action Type Old Value New Value
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
     *cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions up to (excluding) 5.4.1
Added CVSS V2

								
							
							
						
NIST (AV:L/AC:L/Au:N/C:P/I:N/A:N)
Added CVSS V3.1

								
							
							
						
NIST AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Added CWE

								
							
							
						
NIST CWE-200
Changed Reference Type
http://www.openwall.com/lists/oss-security/2019/11/27/1 No Types Assigned
http://www.openwall.com/lists/oss-security/2019/11/27/1 Mailing List, Patch, Third Party Advisory
Changed Reference Type
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.1 No Types Assigned
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.1 Release Notes, Vendor Advisory
Changed Reference Type
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=39e72bf96f5847ba87cc5bd7a3ce0fed813dc9ad No Types Assigned
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=39e72bf96f5847ba87cc5bd7a3ce0fed813dc9ad Patch, Vendor Advisory
Changed Reference Type
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LYIFGYEDQXP5DVJQQUARQRK2PXKBKQGY/ No Types Assigned
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LYIFGYEDQXP5DVJQQUARQRK2PXKBKQGY/ Mailing List, Third Party Advisory
Changed Reference Type
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YWWOOJKZ4NQYN4RMFIVJ3ZIXKJJI3MKP/ No Types Assigned
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YWWOOJKZ4NQYN4RMFIVJ3ZIXKJJI3MKP/ Third Party Advisory
Changed Reference Type
https://www.openwall.com/lists/oss-security/2019/11/27/1 No Types Assigned
https://www.openwall.com/lists/oss-security/2019/11/27/1 Mailing List, Patch, Third Party Advisory

CVE Modified by MITRE 1/09/2020 6:15:10 AM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://seclists.org/bugtraq/2020/Jan/10 [No Types Assigned]

CVE Modified by MITRE 12/06/2019 11:15:10 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YWWOOJKZ4NQYN4RMFIVJ3ZIXKJJI3MKP/ [No Types Assigned]

CVE Modified by MITRE 1/09/2020 12:15:11 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html [No Types Assigned]

CVE Modified by MITRE 12/06/2019 3:15:11 AM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LYIFGYEDQXP5DVJQQUARQRK2PXKBKQGY/ [No Types Assigned]

CVE Modified by MITRE 1/03/2020 6:15:13 AM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://security.netapp.com/advisory/ntap-20200103-0001/ [No Types Assigned]

CVE Modified by MITRE 12/06/2019 9:15:09 AM

Action Type Old Value New Value
Changed Description
The Linux kernel through 5.3.13 on powerpc allows Information Exposure because the Spectre-RSB mitigation is not in place for all applicable CPUs, aka CID-39e72bf96f58. This is related to arch/powerpc/kernel/entry_64.S and arch/powerpc/kernel/security.c.
The Linux kernel before 5.4.1 on powerpc allows Information Exposure because the Spectre-RSB mitigation is not in place for all applicable CPUs, aka CID-39e72bf96f58. This is related to arch/powerpc/kernel/entry_64.S and arch/powerpc/kernel/security.c.
Added Reference

								
							
							
						
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.1 [No Types Assigned]