CVE-2019-10639: Weak Encryption
First published: Fri Jul 05 2019(Updated: )
A flaw was found in the way the Linux kernel derived the IP ID field from a partial kernel space address returned by a net_hash_mix() function. A remote user could observe this IP ID field to extract the kernel address bits used to derive its value, which may result in leaking the hash key and potentially defeating KASLR.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/kernel-rt | <0:3.10.0-1127.rt56.1093.el7 | 0:3.10.0-1127.rt56.1093.el7 |
| redhat/kernel | <0:3.10.0-1127.el7 | 0:3.10.0-1127.el7 |
| redhat/kernel | <0:3.10.0-1062.26.1.el7 | 0:3.10.0-1062.26.1.el7 |
| redhat/kernel-rt | <0:4.18.0-193.rt13.51.el8 | 0:4.18.0-193.rt13.51.el8 |
| redhat/kernel | <0:4.18.0-193.el8 | 0:4.18.0-193.el8 |
| IBM Data Risk Manager | <=2.0.6 | |
| Linux Kernel | >=4.1<=4.20.9 | |
| Linux Kernel | >=5.0<5.0.8 | |
| debian/linux | 5.10.223-1 5.10.234-1 6.1.129-1 6.1.128-1 6.12.20-1 6.12.21-1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://www.cve.org/CVERecord?id=CVE-2019-10639 https://nvd.nist.gov/vuln/detail/CVE-2019-10639 https://arxiv.org/pdf/1906.10478.pdf
- https://bugzilla.redhat.com/show_bug.cgi?id=1729933
- https://access.redhat.com/errata/RHSA-2020:1070
- https://access.redhat.com/errata/RHSA-2020:1016
- https://access.redhat.com/errata/RHSA-2020:2522
- https://access.redhat.com/errata/RHSA-2020:1567
- https://access.redhat.com/errata/RHSA-2020:1769
- https://access.redhat.com/security/cve/cve-2019-10639
- http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00014.html
- http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00025.html
- https://arxiv.org/pdf/1906.10478.pdf
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.8
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=355b98553789b646ed97ad801a619ff898471b92
- https://github.com/torvalds/linux/commit/355b98553789b646ed97ad801a619ff898471b92
- https://lists.debian.org/debian-lts-announce/2019/07/msg00022.html
- https://lists.debian.org/debian-lts-announce/2019/08/msg00017.html
- https://seclists.org/bugtraq/2019/Aug/18
- https://security.netapp.com/advisory/ntap-20190806-0001/
- https://support.f5.com/csp/article/K32804955
- https://support.f5.com/csp/article/K32804955?utm_source=f5support&utm_medium=RSS
- https://usn.ubuntu.com/4115-1/
- https://usn.ubuntu.com/4118-1/
- https://www.debian.org/security/2019/dsa-4497
- https://www.oracle.com/security-alerts/cpuApr2021.html
- https://support.f5.com/csp/article/K32804955?utm_source=f5support&amp;utm_medium=RSS
- https://launchpad.net/bugs/cve/CVE-2019-10639
- https://git.kernel.org/linus/355b98553789b646ed97ad801a619ff898471b92
- https://git.kernel.org/linus/b6a7719aedd7e5c0f2df7641aa47386111682df4
- https://git.kernel.org/linus/5a352dd0a3aac03b443c94828dfd7144261c8636
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1729934
- https://support.f5.com/csp/article/K32804955?utm_source=f5support&%3Butm_medium=RSS
- https://exchange.xforce.ibmcloud.com/vulnerabilities/167414
- https://www.ibm.com/support/pages/node/6335281 (Advisory)
- https://security-tracker.debian.org/tracker/CVE-2019-10639
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10639
- https://nvd.nist.gov/vuln/detail/CVE-2019-10639
- https://ubuntu.com/security/CVE-2019-10639
Parent vulnerabilities
(Appears in the following advisories)
Frequently Asked Questions
What is the severity of CVE-2019-10639?
CVE-2019-10639 has been classified with a moderate severity.
How do I fix CVE-2019-10639?
To fix CVE-2019-10639, update to the appropriate kernel version as specified in the remediation instructions.
Which systems are affected by CVE-2019-10639?
CVE-2019-10639 affects various Linux kernel versions, specifically those prior to 4.20.9 and certain Red Hat kernel versions.
Is there a specific patch for CVE-2019-10639?
Yes, kernel patches have been issued for CVE-2019-10639 in various distributions, including Red Hat and Debian.
Can remote users exploit CVE-2019-10639?
Yes, CVE-2019-10639 allows remote users to potentially exploit the vulnerability to leak hash keys used in the kernel.
- collector/redhat-cve
- agent/type
- collector/launchpad-cve
- source/Launchpad
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2019-10639
- agent/author
- agent/severity
- agent/weakness
- collector/ibm-support
- source/IBM
- agent/software-canonical-lookup
- collector/mitre-cve
- source/MITRE
- agent/remedy
- agent/references
- agent/first-publish-date
- collector/usn-cve
- source/Ubuntu
- agent/description
- agent/event
- agent/last-modified-date
- agent/trending
- agent/source
- collector/nvd-cve
- source/NVD
- agent/software-canonical-lookup-request
- collector/nvd-index
- agent/tags
- agent/softwarecombine
- collector/security-tracker-debian
- source/Debian
- package-manager/redhat
- vendor/ibm
- canonical/ibm data risk manager
- version/ibm data risk manager/2.0.6
- vendor/linux
- canonical/linux kernel
- version/linux kernel/4.1
- version/linux kernel/4.20.9
- version/linux kernel/5.0
- package-manager/debian