cve/published/2019/CVE-2019-25160.mbox

From bippy-5f407fcff5a0 Mon Sep 17 00:00:00 2001
From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: <linux-cve-announce@vger.kernel.org>
Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org>
Subject: CVE-2019-25160: netlabel: fix out-of-bounds memory accesses

Description
===========

In the Linux kernel, the following vulnerability has been resolved:

netlabel: fix out-of-bounds memory accesses

There are two array out-of-bounds memory accesses, one in
cipso_v4_map_lvl_valid(), the other in netlbl_bitmap_walk().  Both
errors are embarassingly simple, and the fixes are straightforward.

As a FYI for anyone backporting this patch to kernels prior to v4.8,
you'll want to apply the netlbl_bitmap_walk() patch to
cipso_v4_bitmap_walk() as netlbl_bitmap_walk() doesn't exist before
Linux v4.8.

The Linux kernel CVE team has assigned CVE-2019-25160 to this issue.


Affected and fixed versions
===========================

	Issue introduced in 2.6.19 with commit 446fda4f26822b2d42ab3396aafcedf38a9ff2b6 and fixed in 3.16.66 with commit 97bc3683c24999ee621d847c9348c75d2fe86272
	Issue introduced in 2.6.19 with commit 446fda4f26822b2d42ab3396aafcedf38a9ff2b6 and fixed in 3.18.137 with commit c61d01faa5550e06794dcf86125ccd325bfad950
	Issue introduced in 2.6.19 with commit 446fda4f26822b2d42ab3396aafcedf38a9ff2b6 and fixed in 4.4.177 with commit dc18101f95fa6e815f426316b8b9a5cee28a334e
	Issue introduced in 2.6.19 with commit 446fda4f26822b2d42ab3396aafcedf38a9ff2b6 and fixed in 4.9.163 with commit 1c973f9c7cc2b3caae93192fdc8ecb3f0b4ac000
	Issue introduced in 2.6.19 with commit 446fda4f26822b2d42ab3396aafcedf38a9ff2b6 and fixed in 4.14.106 with commit fcfe700acdc1c72eab231300e82b962bac2b2b2c
	Issue introduced in 2.6.19 with commit 446fda4f26822b2d42ab3396aafcedf38a9ff2b6 and fixed in 4.19.28 with commit e3713abc4248aa6bcc11173d754c418b02a62cbb
	Issue introduced in 2.6.19 with commit 446fda4f26822b2d42ab3396aafcedf38a9ff2b6 and fixed in 4.20.15 with commit fbf9578919d6c91100ec63acf2cba641383f6c78
	Issue introduced in 2.6.19 with commit 446fda4f26822b2d42ab3396aafcedf38a9ff2b6 and fixed in 5.0 with commit 5578de4834fe0f2a34fedc7374be691443396d1f

Please see https://www.kernel.org for a full list of currently supported
kernel versions by the kernel community.

Unaffected versions might change over time as fixes are backported to
older supported kernel versions.  The official CVE entry at
	https://cve.org/CVERecord/?id=CVE-2019-25160
will be updated if fixes are backported, please check that for the most
up to date information about this issue.


Affected files
==============

The file(s) affected by this issue are:
	net/ipv4/cipso_ipv4.c
	net/netlabel/netlabel_kapi.c


Mitigation
==========

The Linux kernel CVE team recommends that you update to the latest
stable kernel version for this, and many other bugfixes.  Individual
changes are never tested alone, but rather are part of a larger kernel
release.  Cherry-picking individual commits is not recommended or
supported by the Linux kernel community at all.  If however, updating to
the latest release is impossible, the individual changes to resolve this
issue can be found at these commits:
	https://git.kernel.org/stable/c/97bc3683c24999ee621d847c9348c75d2fe86272
	https://git.kernel.org/stable/c/c61d01faa5550e06794dcf86125ccd325bfad950
	https://git.kernel.org/stable/c/dc18101f95fa6e815f426316b8b9a5cee28a334e
	https://git.kernel.org/stable/c/1c973f9c7cc2b3caae93192fdc8ecb3f0b4ac000
	https://git.kernel.org/stable/c/fcfe700acdc1c72eab231300e82b962bac2b2b2c
	https://git.kernel.org/stable/c/e3713abc4248aa6bcc11173d754c418b02a62cbb
	https://git.kernel.org/stable/c/fbf9578919d6c91100ec63acf2cba641383f6c78
	https://git.kernel.org/stable/c/5578de4834fe0f2a34fedc7374be691443396d1f