Bug 1721962 (CVE-2019-12819)
Summary: | CVE-2019-12819 kernel: use-after-free in function __mdiobus_register() in drivers/net/phy/mdio_bus.c | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Dhananjay Arunesh <darunesh> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED ERRATA | QA Contact: | Fendy Tjahjadi <ftjahjad> |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | unspecified | CC: | acaringi, airlied, bhu, blc, brdeoliv, bskeggs, dhoward, dvlasenk, dvolkov, esammons, fhrbata, hdegoede, hkrzesin, iboverma, ichavero, itamar, jarodwilson, jeremy, jforbes, jglisse, jkacur, john.j5live, jonathan, josef, jross, jstancek, jwboyer, kernel-maint, kernel-mgr, kzhang, lgoncalv, linville, matt, mchehab, mcressma, mjg59, mlangsdo, nmurray, rt-maint, rvrbovsk, rvr, steved, williams, wmealing |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | If docs needed, set a value | |
Doc Text: |
A use-after-free flaw was found in the Linux kernel's MDIO section of the network management subsystem. An attacker who is able to hot-plug a network device can trigger the __mdiobus_register() function in drivers/net/phy/mdio_bus.c, which can cause a use-after-free condition causing a memory corruption and kernel panic or privilege escalation.
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | 2020-11-04 02:21:25 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1721969, 1723284, 1723285, 1723286, 1772010 | ||
Bug Blocks: | 1721977 |
Description
Dhananjay Arunesh
2019-06-19 10:20:25 UTC
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 1721969] This issue was fixed for Fedora with the 4.20.17 stable update This flaw is rated as moderate as the MDIO loading code will likely only be run in early boot, it would be a difficult flaw to exploit and would require the attacker to be able to run code at this time to groom the memory into place. I find it unlikely that this would be exploited on stationary servers, but it may be more of a problem when you can hotplug devices.. This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2019-12819 |