PT-2019-6420 · Linux+3 · Linux Kernel+3
Jann Horn · Published 2019-02-27 · Updated 2024-05-30
CVE-2019-25160
CVSS v3.1: 7.1 (High)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to v4.8
Description
The issue is related to out-of-bounds memory accesses in the Linux kernel's netlabel component. There are two array out-of-bounds memory accesses, one in the cipso_v4_map_lvl_valid() function, the other in the netlbl_bitmap_walk() function. Both errors are simple and the fixes are straightforward.
Recommendations
For Linux kernel versions prior to v4.8, apply the netlbl_bitmap_walk() patch to cipso_v4_bitmap_walk(), as netlbl_bitmap_walk() does not exist before Linux v4.8.
As a temporary workaround, consider disabling the cipso_v4_map_lvl_valid() and netlbl_bitmap_walk() functions until a patch is available.
Restrict access to the netlabel component to minimize the risk of exploitation.
Fix
Memory Corruption
Out of bounds Read
Related identifiers
Affected products
Centos
Linux Kernel
Red Hat
Suse