#VU30501 Input validation error in Linux kernel - CVE-2019-5108

Cybersecurity Help s.r.o.

Published: 2019-12-23 | Updated: 2020-07-17

Vulnerability identifier: #VU30501

Vulnerability risk: Medium

CVSSv4.0: 4.9 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2019-5108

CWE-ID: CWE-20

Exploitation vector: Local network

Exploit availability: No

Vulnerable software:
Linux kernel
Operating systems & Components / Operating system

Vendor: Linux Foundation

Description

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

An exploitable denial-of-service vulnerability exists in the Linux kernel prior to mainline 5.3. An attacker could exploit this vulnerability by triggering AP to send IAPP location updates for stations before the required authentication process has completed. This could lead to different denial-of-service scenarios, either by causing CAM table attacks, or by leading to traffic flapping if faking already existing clients in other nearby APs of the same wireless infrastructure. An attacker can forge Authentication and Association Request packets to trigger this vulnerability.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Linux kernel: 5.0 - 5.0.21, 5.1 rc1 - 5.1.21, 5.2 - 5.2.21

External links
https://packetstormsecurity.com/files/156455/Kernel-Live-Patch-Security-Notice-LSN-0063-1.html
https://git.kernel.org/linus/3e493173b7841259a08c5c8e5cbe90adb349da7e
https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html
https://lists.debian.org/debian-lts-announce/2020/06/msg00012.html
https://lists.debian.org/debian-lts-announce/2020/06/msg00013.html
https://security.netapp.com/advisory/ntap-20200204-0002/
https://talosintelligence.com/vulnerability_reports/TALOS-2019-0900
https://usn.ubuntu.com/4285-1/
https://usn.ubuntu.com/4286-1/
https://usn.ubuntu.com/4286-2/
https://usn.ubuntu.com/4287-1/
https://usn.ubuntu.com/4287-2/
https://www.debian.org/security/2020/dsa-4698

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Red Hat Enterprise Linux for Real Time update for kernel-rt

Red Hat Enterprise Linux 7 update for kernel-alt

Input validation error in Linux kernel