CVE-2019-3900

MEDIUM

Description

An infinite loop issue was found in the vhost_net kernel module in Linux Kernel up to and including v5.1-rc6, while handling incoming packets in handle_rx(). It could occur if one end sends packets faster than the other end can process them. A guest user, maybe remote one, could use this flaw to stall the vhost_net kernel thread, resulting in a DoS scenario.

References

http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html

http://www.securityfocus.com/bid/108076

https://access.redhat.com/errata/RHSA-2019:1973

https://access.redhat.com/errata/RHSA-2019:2029

https://access.redhat.com/errata/RHSA-2019:2043

https://access.redhat.com/errata/RHSA-2019:3220

https://access.redhat.com/errata/RHSA-2019:3309

https://access.redhat.com/errata/RHSA-2019:3517

https://access.redhat.com/errata/RHSA-2019:3836

https://access.redhat.com/errata/RHSA-2019:3967

https://access.redhat.com/errata/RHSA-2019:4058

https://access.redhat.com/errata/RHSA-2020:0204

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3900

https://lists.debian.org/debian-lts-announce/2019/08/msg00016.html

https://lists.debian.org/debian-lts-announce/2019/08/msg00017.html

https://lists.fedoraproject.org/archives/list/[email protected]/message/AYTZH6QCNITK7353S6RCRT2PQHZSDPXD/

https://lists.fedoraproject.org/archives/list/[email protected]/message/RI3WXXM5URTZSR3RVEKO6MDXDFIKTZ5R/

https://lists.fedoraproject.org/archives/list/[email protected]/message/TOFNJA5NNVXQ6AV6KGZB677JIVXAMJHT/

https://seclists.org/bugtraq/2019/Aug/18

https://seclists.org/bugtraq/2019/Nov/11

https://security.netapp.com/advisory/ntap-20190517-0005/

https://usn.ubuntu.com/4114-1/

https://usn.ubuntu.com/4115-1/

https://usn.ubuntu.com/4116-1/

https://usn.ubuntu.com/4117-1/

https://usn.ubuntu.com/4118-1/

https://www.debian.org/security/2019/dsa-4497

https://www.spinics.net/lists/kernel/msg3111012.html

Details

Source: MITRE

Published: 2019-04-25

Updated: 2020-10-16

Type: CWE-835

Risk Information

CVSS v2.0

Base Score: 6.8

Vector: AV:N/AC:L/Au:S/C:N/I:N/A:C

Impact Score: 6.9

Exploitability Score: 8

Severity: MEDIUM

CVSS v3.0

Base Score: 7.7

Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

Impact Score: 4

Exploitability Score: 3.1

Severity: HIGH

Vulnerable Software

Configuration 1

OR

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:5.1:rc1:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:5.1:rc2:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:5.1:rc3:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:5.1:rc4:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:5.1:rc5:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:5.1:rc6:*:*:*:*:*:*

Configuration 2

OR

cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*

cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*

Configuration 3

OR

cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*

Configuration 4

OR

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

Configuration 5

OR

cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*

Configuration 6

OR

cpe:2.3:a:netapp:active_iq_unified_manager_for_vmware_vsphere:*:*:*:*:*:*:*:*

cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*

cpe:2.3:a:netapp:snapprotect:-:*:*:*:*:*:*:*

cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*

cpe:2.3:a:netapp:storage_replication_adapter_for_clustered_data_ontap_for_vmware_vsphere:*:*:*:*:*:*:*:*

cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap:*:*:*:*:*:*:*:*

cpe:2.3:a:netapp:virtual_storage_console_for_vmware_vsphere:*:*:*:*:*:*:*:*

Configuration 7

AND

OR

cpe:2.3:o:netapp:cn1610_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:netapp:cn1610:-:*:*:*:*:*:*:*

Tenable Plugins

View all (42 total)

IDNameProductFamilySeverity
148041EulerOS 2.0 SP5 : kernel (EulerOS-SA-2021-1684)NessusHuawei Local Security Checks
high
145665CentOS 8 : kernel (CESA-2019:3517)NessusCentOS Local Security Checks
high
140499Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2020-5845)NessusOracle Linux Local Security Checks
high
135305Photon OS 2.0: Linux PHSA-2020-2.0-0225NessusPhotonOS Local Security Checks
medium
134387EulerOS 2.0 SP8 : kernel (EulerOS-SA-2020-1186)NessusHuawei Local Security Checks
critical
134312NewStart CGSL MAIN 4.05 : kernel Multiple Vulnerabilities (NS-SA-2020-0021)NessusNewStart CGSL Local Security Checks
high
133221RHEL 8 : kernel (RHSA-2020:0204)NessusRed Hat Local Security Checks
critical
132495NewStart CGSL CORE 5.05 / MAIN 5.05 : kernel-rt Multiple Vulnerabilities (NS-SA-2019-0253)NessusNewStart CGSL Local Security Checks
high
132474NewStart CGSL CORE 5.05 / MAIN 5.05 : kernel Multiple Vulnerabilities (NS-SA-2019-0247)NessusNewStart CGSL Local Security Checks
high
131675RHEL 7 : kernel (RHSA-2019:4058)NessusRed Hat Local Security Checks
high
131375RHEL 7 : kernel (RHSA-2019:3967)NessusRed Hat Local Security Checks
high
131227Virtuozzo 6 : parallels-server-bm-release / vzkernel / etc (VZA-2019-089)NessusVirtuozzo Local Security Checks
high
131006Scientific Linux Security Update : kernel on SL6.x i386/x86_64 (20191113)NessusScientific Linux Local Security Checks
low
130993Oracle Linux 6 : kernel (ELSA-2019-3836)NessusOracle Linux Local Security Checks
low
130978CentOS 6 : kernel (CESA-2019:3836)NessusCentOS Local Security Checks
low
130928RHEL 6 : kernel (RHSA-2019:3836)NessusRed Hat Local Security Checks
low
130751Slackware 14.2 : Slackware 14.2 kernel (SSA:2019-311-01)NessusSlackware Local Security Checks
critical
130547RHEL 8 : kernel (RHSA-2019:3517)NessusRed Hat Local Security Checks
high
130526RHEL 8 : kernel-rt (RHSA-2019:3309)NessusRed Hat Local Security Checks
high
130376RHEL 7 : kernel (RHSA-2019:3220)NessusRed Hat Local Security Checks
medium
129920NewStart CGSL CORE 5.04 / MAIN 5.04 : kernel-rt Multiple Vulnerabilities (NS-SA-2019-0183)NessusNewStart CGSL Local Security Checks
high
129900NewStart CGSL CORE 5.04 / MAIN 5.04 : kernel Multiple Vulnerabilities (NS-SA-2019-0180)NessusNewStart CGSL Local Security Checks
high
128680Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel regression (USN-4115-2)NessusUbuntu Local Security Checks
critical
128651CentOS 7 : kernel (CESA-2019:2029)NessusCentOS Local Security Checks
high
128478Ubuntu 16.04 LTS / 18.04 LTS : linux-aws vulnerabilities (USN-4118-1)NessusUbuntu Local Security Checks
critical
128477Ubuntu 19.04 : linux-aws vulnerabilities (USN-4117-1)NessusUbuntu Local Security Checks
high
128476Ubuntu 16.04 LTS : linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon vulnerabilities (USN-4116-1)NessusUbuntu Local Security Checks
medium
128475Ubuntu 16.04 LTS / 18.04 LTS : linux, linux-azure, linux-gcp, linux-gke-4.15, linux-hwe, linux-kvm, (USN-4115-1)NessusUbuntu Local Security Checks
critical
128474Ubuntu 18.04 LTS / 19.04 : linux, linux-azure, linux-gcp, linux-gke-5.0, linux-hwe, linux-kvm, (USN-4114-1)NessusUbuntu Local Security Checks
medium
128226Scientific Linux Security Update : kernel on SL7.x x86_64 (20190806)NessusScientific Linux Local Security Checks
high
127921Debian DLA-1885-1 : linux-4.9 security updateNessusDebian Local Security Checks
high
127867Debian DSA-4497-1 : linux - security updateNessusDebian Local Security Checks
high
127866Debian DLA-1884-1 : linux security updateNessusDebian Local Security Checks
high
127655RHEL 7 : kernel-rt (RHSA-2019:2043)NessusRed Hat Local Security Checks
high
127650RHEL 7 : kernel (RHSA-2019:2029)NessusRed Hat Local Security Checks
high
127643RHEL 7 : kernel-alt (RHSA-2019:1973)NessusRed Hat Local Security Checks
medium
127060Amazon Linux AMI : kernel (ALAS-2019-1232)NessusAmazon Linux Local Security Checks
medium
126956Amazon Linux 2 : kernel (ALAS-2019-1232)NessusAmazon Linux Local Security Checks
medium
125588EulerOS Virtualization for ARM 64 3.0.2.0 : kernel (EulerOS-SA-2019-1636)NessusHuawei Local Security Checks
high
124661Fedora 28 : kernel (2019-a6cd583a8d)NessusFedora Local Security Checks
high
124572Fedora 30 : kernel (2019-87d807d7cb)NessusFedora Local Security Checks
medium
124571Fedora 29 : kernel (2019-8219efa9f6)NessusFedora Local Security Checks
high