CVE-2019-18282: Infoleak
First published: Tue Oct 22 2019(Updated: )
A device tracking vulnerability was found in the flow_dissector feature in the Linux kernel. This flaw occurs because the auto flowlabel of the UDP IPv6 packet relies on a 32-bit hashmd value as a secret, and jhash (instead of siphash) is used. The hashmd value remains the same starting from boot time and can be inferred by an attacker.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/kernel-rt | <0:3.10.0-1160.11.1.rt56.1145.el7 | 0:3.10.0-1160.11.1.rt56.1145.el7 |
| redhat/kernel | <0:3.10.0-1160.11.1.el7 | 0:3.10.0-1160.11.1.el7 |
| redhat/kernel-rt | <0:4.18.0-193.rt13.51.el8 | 0:4.18.0-193.rt13.51.el8 |
| redhat/kernel | <0:4.18.0-193.el8 | 0:4.18.0-193.el8 |
| Google Android | ||
| Linux Linux kernel | >=4.3<=5.3.10 | |
| Debian Debian Linux | =8.0 | |
| Netapp A700s Firmware | ||
| Netapp A700s | ||
| Netapp 8300 Firmware | ||
| Netapp 8300 | ||
| Netapp 8700 Firmware | ||
| Netapp 8700 | ||
| Netapp A400 Firmware | ||
| Netapp A400 | ||
| Netapp H610s Firmware | ||
| Netapp H610s | ||
| Netapp Active Iq Unified Manager Vmware Vsphere | ||
| Netapp Cloud Backup | ||
| Netapp Data Availability Services | ||
| NetApp E-Series SANtricity OS Controller | >=11.0.0<=11.70.1 | |
| Netapp Hci Management Node | ||
| Netapp Solidfire | ||
| Netapp Steelstore Cloud Integrated Storage |
Remedy
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://android.googlesource.com/kernel/common/+/55667441c84fa5e0911a0aac44fb059c15ba6da2
- https://source.android.com/docs/security/bulletin/2020-07-01 (Advisory)
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.10
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=55667441c84fa5e0911a0aac44fb059c15ba6da2
- https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html
- https://security.netapp.com/advisory/ntap-20200204-0002/
- https://www.computer.org/csdl/proceedings-article/sp/2020/349700b594/1j2LgrHDR2o
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1796364
- https://access.redhat.com/errata/RHSA-2020:5437
- https://access.redhat.com/errata/RHSA-2020:5441
- https://access.redhat.com/security/cve/cve-2019-18282
- https://bugzilla.redhat.com/show_bug.cgi?id=1796360
- https://www.cve.org/CVERecord?id=CVE-2019-18282 https://nvd.nist.gov/vuln/detail/CVE-2019-18282
- https://access.redhat.com/errata/RHSA-2020:1567
- https://access.redhat.com/errata/RHSA-2020:1769
Parent vulnerabilities
(Appears in the following advisories)
Frequently Asked Questions
What is CVE-2019-18282?
CVE-2019-18282 is a device tracking vulnerability found in the flow_dissector feature in the Linux kernel.
What is the severity of CVE-2019-18282?
The severity of CVE-2019-18282 is high with a CVSS score of 5.3.
How does CVE-2019-18282 occur?
CVE-2019-18282 occurs because the auto flowlabel of a UDP IPv6 packet relies on a 32-bit hashrnd value as a secret, and because jhash (instead of siphash) is used.
Which versions of the Linux kernel are affected by CVE-2019-18282?
The Linux kernel versions 4.3 through 5.x before 5.3.10 are affected by CVE-2019-18282.
Are there any remedies available for CVE-2019-18282?
Yes, there are remedies available for CVE-2019-18282. Please refer to the provided references for more information.
- collector/redhat-cve
- agent/type
- agent/softwarecombine
- agent/last-modified-date
- agent/first-publish-date
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2019-18282
- collector/android-source
- agent/software-canonical-lookup-request
- agent/author
- agent/severity
- agent/references
- agent/remedy
- agent/weakness
- agent/tags
- agent/description
- agent/event
- collector/nvd-index
- package-manager/redhat
- vendor/google
- canonical/google android
- vendor/linux
- canonical/linux linux kernel
- version/linux linux kernel/4.3
- version/linux linux kernel/5.3.10
- vendor/debian
- canonical/debian debian linux
- version/debian debian linux/8.0
- vendor/netapp
- canonical/netapp a700s firmware
- canonical/netapp a700s
- canonical/netapp 8300 firmware
- canonical/netapp 8300
- canonical/netapp 8700 firmware
- canonical/netapp 8700
- canonical/netapp a400 firmware
- canonical/netapp a400
- canonical/netapp h610s firmware
- canonical/netapp h610s
- canonical/netapp active iq unified manager vmware vsphere
- canonical/netapp cloud backup
- canonical/netapp data availability services
- canonical/netapp e-series santricity os controller
- version/netapp e-series santricity os controller/11.0.0
- version/netapp e-series santricity os controller/11.70.1
- canonical/netapp hci management node
- canonical/netapp solidfire
- canonical/netapp steelstore cloud integrated storage