CVE-2018-19854

medium
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

An issue was discovered in the Linux kernel before 4.19.3. crypto_report_one() and related functions in crypto/crypto_user.c (the crypto user configuration API) do not fully initialize structures that are copied to userspace, potentially leaking sensitive memory to user programs. NOTE: this is a CVE-2013-2547 regression but with easier exploitability because the attacker does not need a capability (however, the system must have the CONFIG_CRYPTO_USER kconfig option).

References

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f43f39958beb206b53292801e216d9b8a660f087

https://access.redhat.com/errata/RHSA-2019:3309

https://access.redhat.com/errata/RHSA-2019:3517

https://github.com/torvalds/linux/commit/f43f39958beb206b53292801e216d9b8a660f087

https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.3

https://usn.ubuntu.com/3872-1/

https://usn.ubuntu.com/3878-1/

https://usn.ubuntu.com/3878-2/

https://usn.ubuntu.com/3901-1/

https://usn.ubuntu.com/3901-2/

Details

Source: MITRE

Published: 2018-12-04

Updated: 2019-11-06

Type: CWE-200

Risk Information

CVSS v2

Base Score: 1.9

Vector: AV:L/AC:M/Au:N/C:P/I:N/A:N

Impact Score: 2.9

Exploitability Score: 3.4

Severity: LOW

CVSS v3

Base Score: 4.7

Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

Impact Score: 3.6

Exploitability Score: 1

Severity: MEDIUM

Tenable Plugins

View all (14 total)

IDNameProductFamilySeverity
145665CentOS 8 : kernel (CESA-2019:3517)NessusCentOS Local Security Checks
critical
136485Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2020-5676)NessusOracle Linux Local Security Checks
medium
130547RHEL 8 : kernel (RHSA-2019:3517)NessusRed Hat Local Security Checks
critical
130526RHEL 8 : kernel-rt (RHSA-2019:3309)NessusRed Hat Local Security Checks
critical
124984EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1531)NessusHuawei Local Security Checks
high
122647Ubuntu 14.04 LTS / 16.04 LTS : linux-hwe, linux-aws-hwe, linux-azure, linux-gcp, linux-oracle vulnerabilities (USN-3901-2)NessusUbuntu Local Security Checks
medium
122646Ubuntu 18.04 LTS : linux, linux-aws, linux-gcp, linux-kvm, linux-oem, linux-oracle, linux-raspi2 vulnerabilities (USN-3901-1)NessusUbuntu Local Security Checks
medium
122053Ubuntu 18.10 : linux-azure vulnerabilities (USN-3878-2)NessusUbuntu Local Security Checks
high
121595Ubuntu 18.10 : linux, linux-aws, linux-gcp, linux-kvm, linux-raspi2 vulnerabilities (USN-3878-1)NessusUbuntu Local Security Checks
high
121571SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2019:0224-1)NessusSuSE Local Security Checks
high
121569SUSE SLES12 Security Update : kernel (SUSE-SU-2019:0222-1) (Spectre)NessusSuSE Local Security Checks
high
121470Ubuntu 18.04 LTS : Linux kernel (HWE) vulnerabilities (USN-3872-1)NessusUbuntu Local Security Checks
high
121466SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2019:0196-1)NessusSuSE Local Security Checks
high
121289openSUSE Security Update : the Linux Kernel (openSUSE-2019-65)NessusSuSE Local Security Checks
high