1794404 – (CVE-2019-19965) CVE-2019-19965 kernel: NULL pointer dereference in drivers/scsi/libsas/sas_discover.c because of mishandling of port disconnection during discovery

Bug 1794404 (CVE-2019-19965) - CVE-2019-19965 kernel: NULL pointer dereference in drivers/scsi/libsas/sas_discover.c because of mishandling of port disconnection during discovery

Summary: CVE-2019-19965 kernel: NULL pointer dereference in drivers/scsi/libsas/sas_di...

Keywords:
Status:	CLOSED WONTFIX
Alias:	CVE-2019-19965
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	low
Severity:	low
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	1890042 1890043 1890044 1890045 1890046 1794405 1812039 1812040 1812041 1812042 1812043
Blocks:	1794406
TreeView+	depends on / blocked

Reported:	2020-01-23 14:14 UTC by Guilherme de Almeida Suckevicz
Modified:	2021-12-15 11:14 UTC (History)
CC List:	41 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:	A NULL pointer dereference flaw was found in the Linux kernel’s SCSI disk subsystem. A local user could use this flaw to crash the system, causing a denial of service.
Clone Of:
Environment:
Last Closed:	2021-12-15 11:14:08 UTC
Embargoed:

Attachments	(Terms of Use)

Description Guilherme de Almeida Suckevicz 2020-01-23 14:14:40 UTC

In the Linux kernel through 5.4.6, there is a NULL pointer dereference in drivers/scsi/libsas/sas_discover.c because of mishandling of port disconnection during discovery, related to a PHY down race condition.

Reference and upstream commit:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f70267f379b5e5e11bdc5d72a56bf17e5feed01f

Comment 1 Guilherme de Almeida Suckevicz 2020-01-23 14:15:28 UTC

Created kernel tracking bugs for this issue:

Affects: fedora-all [bug 1794405]

Comment 2 Justin M. Forbes 2020-01-23 19:13:11 UTC

This is fixed for Fedora with the 5.4.9 stable kernel update.

Comment 5 Alex 2020-03-10 17:22:47 UTC

Mitigation:

To mitigate this issue, prevent module libsas from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.

Note You need to log in before you can comment on or make changes to this bug.

acaringi
airlied
bhu
blc
brdeoliv
bskeggs
dhoward
dvlasenk
esammons
fhrbata
hdegoede
hkrzesin
iboverma
ichavero
itamar
jarodwilson
jeremy
jforbes
jlelli
john.j5live
jonathan
josef
jross
jshortt
jstancek
jwboyer
kernel-maint
kernel-mgr
lgoncalv
linville
masami256
mchehab
mcressma
mjg59
mlangsdo
nmurray
qzhao
rt-maint
rvrbovsk
steved
williams