For the English version of this alert, click here.
Allele Security Alert
ASA-2019-00629
Identificador(es)
ASA-2019-00629, CVE-2019-18680, CID-91573ae4aed0
Título
NULL pointer dereference na função rds_tcp_kill_sock()
Fabricante(s)
Linux foundation
Produto(s)
Linux kernel
Versão(ões) afetada(s)
Linux kernel versões anteriores à 4.4.195
Linux kernel versões desde o seguinte commit:
net: rds: force to destroy connection if t_sock is NULL in rds_tcp_kill_sock()
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=c4e97b06cfdc5213494c22dd5c2b41ff8b15e0ee
Versão(ões) corrigida(s)
Linux kernel versão 4.4.195
Linux kernel versões com o seguinte commit:
net: rds: Fix NULL ptr use in rds_tcp_kill_sock
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=91573ae4aed0a49660abdad4d42f2a0db995ee5e
Prova de Conceito
Desconhecido
Descrição
Existe um NULL pointer dereference na função rds_tcp_kill_sock() em net/rds/tcp.c que causa negação de serviço (DoS).
Detalhes técnicos
Desconhecido
Créditos
Desconhecido
Referência(s)
net: rds: Fix NULL ptr use in rds_tcp_kill_sock
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=91573ae4aed0a49660abdad4d42f2a0db995ee5e
net: rds: Fix NULL ptr use in rds_tcp_kill_sock
https://github.com/torvalds/linux/commit/91573ae4aed0a49660abdad4d42f2a0db995ee5e
net: rds: force to destroy connection if t_sock is NULL in rds_tcp_kill_sock()
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=c4e97b06cfdc5213494c22dd5c2b41ff8b15e0ee
net: rds: force to destroy connection if t_sock is NULL in rds_tcp_kill_sock()
https://github.com/torvalds/linux/commit/c4e97b06cfdc5213494c22dd5c2b41ff8b15e0ee
LKML: Mao Wenan: [PATCH stable 4.4 net] net: rds: Fix NULL ptr use in rds_tcp_kill_sock
https://lkml.org/lkml/2019/9/18/337
ChangeLog-4.4.195
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.195
https://access.redhat.com/security/cve/CVE-2019-18680
CVE-2019-18680 in Ubuntu
https://people.canonical.com/~ubuntu-security/cve/CVE-2019-18680.html
CVE-2019-18680 | SUSE
https://www.suse.com/security/cve/CVE-2019-18680
CVE-2019-18680
https://security-tracker.debian.org/tracker/CVE-2019-18680
CVE-2019-18680
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18680
CVE-2019-18680
https://nvd.nist.gov/vuln/detail/CVE-2019-18680
Se encontrou algum erro neste alerta ou deseja uma análise compreensiva, entre em contato.
Última modificação: 6 dezembro 2019