PT-2019-1110 · Linux+3 · Linux Kernel+3
Amit Klein +2 · Published 2019-10-22 · Updated 2022-04-18 · CVE-2019-18282
CVSS v3.1: 5.3 (Medium)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Name of the Vulnerable Software and Affected Versions:
Linux kernel versions 4.3 through 5.x before 5.3.10
Description:
The issue is in the flow dissector feature of the Linux kernel, which has a device tracking vulnerability. The auto flowlabel of a UDP IPv6 packet relies on a 32-bit hashrnd value as a secret, and jhash is used instead of siphash. The hashrnd value remains the same from boot time onward and can be inferred by an attacker. This affects net/core/flow_dissector.c and related code. The vulnerability may allow a remote attacker to gain unauthorized access to protected information. Additionally, there is a possible packet injection due to improperly used crypto in the flow_hash_from_keys function of flow_dissector.c, which could lead to remote escalation of privilege with no additional execution privileges needed.
Recommendations:
For Linux kernel versions 4.3 through 5.x before 5.3.10, update to version 5.3.10 or later to resolve the issue.
As a temporary workaround, consider restricting access to the flow dissector feature until a patch is available.
Avoid using the hashrnd value in the affected code until the issue is resolved.
Exploit
Fix
Use of Insufficiently Random Values
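As an added example (not part of the original advisory), this shell function classifies a kernel release string against the upstream range stated above, 4.3 through 5.x before 5.3.10. The function name `flowlabel_status` is hypothetical, and because distribution kernels can carry backported fixes under an older version number, the vendor advisory decides for vendor kernels.

```shell
#!/bin/sh
# Added example, not the advisory's own code.
# Classifies an upstream kernel release against the range on this page:
# 4.3 through 5.x before 5.3.10.
# Prints "affected", "not-affected" or "unknown" (unparseable input).
# Usage: flowlabel_status "$(uname -r)"
flowlabel_status() {
    rel=${1%%[-+]*}                 # 5.3.0-42-generic -> 5.3.0
    major=${rel%%.*}
    rest=${rel#*.}
    if [ "$rest" = "$rel" ]; then rest=0; fi      # no minor given
    minor=${rest%%.*}
    patch=${rest#*.}
    if [ "$patch" = "$rest" ]; then patch=0; fi   # no patch level given
    patch=${patch%%.*}

    # Reject anything that is not a plain decimal number.
    for n in "$major" "$minor" "$patch"; do
        case $n in
            ''|*[!0-9]*) echo unknown; return 1 ;;
        esac
    done

    # Fold the triple into one integer so the range is two comparisons.
    v=$(( (major * 1000 + minor) * 100000 + patch ))
    first_affected=$(( (4 * 1000 + 3) * 100000 ))        # 4.3.0
    first_fixed=$(( (5 * 1000 + 3) * 100000 + 10 ))      # 5.3.10

    if [ "$v" -ge "$first_affected" ] && [ "$v" -lt "$first_fixed" ]; then
        echo affected
    else
        echo not-affected
    fi
    return 0
}
```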
Affected products
Alt Linux
CentOS
Linux Kernel
Red Hat