First published: Fri Jul 05 2019(Updated: )
A flaw was found in the way the Linux kernel derived the IP ID field from a partial kernel space address returned by a net_hash_mix() function. A remote user could observe this IP ID field to extract the kernel address bits used to derive its value, which may result in leaking the hash key and potentially defeating KASLR.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/kernel-rt | <0:3.10.0-1127.rt56.1093.el7 | 0:3.10.0-1127.rt56.1093.el7 |
redhat/kernel | <0:3.10.0-1127.el7 | 0:3.10.0-1127.el7 |
redhat/kernel | <0:3.10.0-1062.26.1.el7 | 0:3.10.0-1062.26.1.el7 |
redhat/kernel-rt | <0:4.18.0-193.rt13.51.el8 | 0:4.18.0-193.rt13.51.el8 |
redhat/kernel | <0:4.18.0-193.el8 | 0:4.18.0-193.el8 |
IBM Data Risk Manager | <=2.0.6 | |
Linux Kernel | >=4.1<=4.20.9 | |
Linux Kernel | >=5.0<5.0.8 | |
debian/linux | 5.10.223-1 5.10.234-1 6.1.129-1 6.1.128-1 6.12.20-1 6.12.21-1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Appears in the following advisories)
CVE-2019-10639 has been classified with a moderate severity.
To fix CVE-2019-10639, update to the appropriate kernel version as specified in the remediation instructions.
CVE-2019-10639 affects various Linux kernel versions, specifically those prior to 4.20.9 and certain Red Hat kernel versions.
Yes, kernel patches have been issued for CVE-2019-10639 in various distributions, including Red Hat and Debian.
Yes, CVE-2019-10639 allows remote users to potentially exploit the vulnerability to leak hash keys used in the kernel.