The flow_dissector feature in the Linux kernel 4.3 through 5.x before 5.3.10 has a device tracking vulnerability, aka CID-55667441c84f. This occurs because the auto flowlabel of a UDP IPv6 packet relies on a 32-bit hashrnd value as a secret, and because jhash (instead of siphash) is used. The hashrnd value remains the same starting from boot time, and can be inferred by an attacker. This affects net/core/flow_dissector.c and related code.
References
Link | Resource |
---|---|
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.10 | Mailing List Vendor Advisory |
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=55667441c84fa5e0911a0aac44fb059c15ba6da2 | Mailing List Patch Vendor Advisory |
https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html | Mailing List Third Party Advisory |
https://security.netapp.com/advisory/ntap-20200204-0002/ | Third Party Advisory |
https://www.computer.org/csdl/proceedings-article/sp/2020/349700b594/1j2LgrHDR2o | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
Configuration 8 (hide)
|
History
18 Apr 2022, 15:48
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-330 | |
First Time |
Netapp a700s
Netapp hci Management Node Netapp 8300 Firmware Debian debian Linux Netapp a400 Netapp e-series Santricity Os Controller Netapp Netapp a700s Firmware Netapp 8700 Firmware Netapp h610s Netapp 8700 Netapp 8300 Netapp cloud Backup Netapp active Iq Unified Manager Netapp data Availability Services Netapp a400 Firmware Debian Netapp steelstore Cloud Integrated Storage Netapp h610s Firmware Netapp solidfire |
|
CPE | cpe:2.3:h:netapp:a400:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h610s_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h610s:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:8700:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:* cpe:2.3:o:netapp:a700s_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:8300:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:8700_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:* cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:* cpe:2.3:h:netapp:a700s:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:data_availability_services:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:8300_firmware:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:a400_firmware:-:*:*:*:*:*:*:* |
|
References | (MISC) https://www.computer.org/csdl/proceedings-article/sp/2020/349700b594/1j2LgrHDR2o - Third Party Advisory | |
References | (CONFIRM) https://security.netapp.com/advisory/ntap-20200204-0002/ - Third Party Advisory | |
References | (MLIST) https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html - Mailing List, Third Party Advisory |
Information
Published : 2020-01-16 16:15
Updated : 2023-12-10 13:13
NVD link : CVE-2019-18282
Mitre link : CVE-2019-18282
CVE.ORG link : CVE-2019-18282
JSON object : View
Products Affected
netapp
- a700s_firmware
- 8300_firmware
- a400_firmware
- cloud_backup
- 8700
- data_availability_services
- h610s_firmware
- hci_management_node
- a700s
- solidfire
- h610s
- 8700_firmware
- active_iq_unified_manager
- 8300
- a400
- steelstore_cloud_integrated_storage
- e-series_santricity_os_controller
linux
- linux_kernel
debian
- debian_linux
CWE
CWE-330
Use of Insufficiently Random Values