FS#61832 - [linux-hardened] [linux-lts] [linux-zen] [linux] CVE-2019-8912, CVE-2019-8980
Attached to Project:
Arch Linux
Opened by Pascal Ernster (hardfalcon) - Friday, 22 February 2019, 09:02 GMT
Last edited by Jan de Groot (JGC) - Sunday, 16 June 2019, 05:31 GMT
Opened by Pascal Ernster (hardfalcon) - Friday, 22 February 2019, 09:02 GMT
Last edited by Jan de Groot (JGC) - Sunday, 16 June 2019, 05:31 GMT
|
Details
linux-hardened 4.20.11.a-1, linux-lts 4.19.24-1, linux
4.20.11.arch1 linux-zen 4.20.11.zen1-1 are all vulnerable to
CVE-2019-8912 (local privilege escalation) and CVE-2019-8980
(DoS vulnerability).
https://nvd.nist.gov/vuln/detail/CVE-2019-8912 https://nvd.nist.gov/vuln/detail/CVE-2019-8980 To fix this, the following patches should be cherrypicked until upstream pushes out a new release: "CVE-2019-8912.patch::https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/patch/?id=9060cb719e61b685ec0102574e10337fa5f445ea" "CVE-2019-8980.patch::https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/patch/?id=f612acfae86af7ecad754ae6a46019be9da05b8e" |
This task depends upon
https://git.archlinux.org/linux.git/tree/crypto/af_alg.c?h=v4.20.11-arch1#n127 is missing the sock->sk = NULL;
commit for CVE-2019-8912 is queued for next stable release
4.20.12 https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/commit/queue-4.20/net-crypto-set-sk-to-null-when-af_alg_release.patch?id=5358ceeb12f1f63c3c1f4b70e345d66f20a3122d
4.19.25 https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/commit/queue-4.19/net-crypto-set-sk-to-null-when-af_alg_release.patch?id=4e45db15a77c10c7dd0730b96d9bc70eab7ad50c
commit for CVE-2019-8980 is in Al Viro's vfs tree fixes branch https://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs.git/commit/?h=fixes&id=f612acfae86af7ecad754ae6a46019be9da05b8e not yet in mainline.