Bug 1679889 (CVE-2019-8956) - CVE-2019-8956 Kernel: SCTP: use-after-free while traversing list of endpoint associations
Summary: CVE-2019-8956 Kernel: SCTP: use-after-free while traversing list of endpoint ...
Keywords:
Status: CLOSED NOTABUG
Alias: CVE-2019-8956
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
high
high
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1679890 1679920 1679921
Blocks: 1679857
TreeView+ depends on / blocked
 
Reported: 2019-02-22 07:24 UTC by Prasad Pandit
Modified: 2021-02-16 22:21 UTC (History)
18 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
A use-after-free issue was found in the Linux kernel's SCTP implementation. The issue could occur while traversing a list of endpoint associations to send a message to all of them via SCTP_SENDALL process. A user/process could use this flaw to crash the kernel resulting in a denial of service or potentially escalate privileges on a system.
Clone Of:
Environment:
Last Closed: 2019-03-18 14:20:01 UTC
Embargoed:

Attachments (Terms of Use)

Description Prasad Pandit 2019-02-22 07:24:00 UTC 
A use-after-free issue was found in the Linux kernel's SCTP implementation.
It could occur while traversing a list of endpoint associations to send
a message to all of them via SCTP_SENDALL process.

A user/process could use this flaw to crash the kernel resulting in DoS
or potentially escalate privileges on a system.

Upstream patch:
---------------
  -> https://git.kernel.org/linus/ba59fb0273076637f0add4311faa990a5eec27c0

Reference:
----------
  -> https://www.openwall.com/lists/oss-security/2019/02/21/2
  -> https://secuniaresearch.flexerasoftware.com/secunia_research/2019-5/
Comment 1 Prasad Pandit 2019-02-22 07:26:59 UTC 
Created kernel tracking bugs for this issue:

Affects: fedora-all [bug 1679890]
Comment 5 Justin M. Forbes 2019-02-22 14:04:06 UTC 
This was fixed for Fedora with the 4.20.8 stable updates.
Comment 6 Eric Christensen 2019-02-27 15:44:45 UTC 
Statement:

This issue does not affect the versions of the kernel package as shipped with Red Hat Enterprise Linux 5, 6, 7, and Red Hat Enterprise MRG 2.
Note You need to log in before you can comment on or make changes to this bug.