Main Vulnerability Database SB2021030903

SB2021030903 - System tracking vulnerability in Linux kernel in F5OS

Published: March 9, 2021

Security Bulletin ID SB2021030903

Severity

Medium

Patch available

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Information disclosure

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Information disclosure (CVE-ID: CVE-2019-18282)

The vulnerability allows a remote attacker to track devices via UDP packets.

The vulnerability exists due to excessive data output in the flow_dissector feature in the Linux kernel 4.3 through 5.x before 5.3.10 and affects net/core/flow_dissector.c and related code. The auto flowlabel of a UDP IPv6 packet relies on a 32-bit hashrnd value as a secret, and because jhash (instead of siphash) is used. The hashrnd value remains the same starting from boot time, and can be inferred by an attacker. A remote attacker can use the hashrnd value and track reliably track activity of devices using UDP packets.

Remediation

Cybersecurity Help is not aware of any official remediation provided by the vendor.

References

https://support.f5.com/csp/article/K32380005<br></p>