CVE-2019-10638

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.1.7

Description The issue is related to the Linux kernel's handling of IP ID values for connection-less protocols, such as UDP and ICMP. An attacker can track a device by exploiting hash collisions in the kernel's counter array, potentially obtaining the hashing key. This can be achieved by hosting a crafted web page that forces UDP traffic to attacker-controlled IP addresses, utilizing technologies like WebRTC or gQUIC. The vulnerability is also related to errors in processing identifier fields in the Linux kernel's "jhash" hash function, which can allow a remote attacker to disclose protected information using a specially crafted web page.

Recommendations For Linux kernel versions prior to 5.1.7, update to version 5.1.7 or later to resolve the issue. As a temporary workaround, consider restricting access to UDP traffic or disabling the use of WebRTC and gQUIC until a patch is applied.