Bug 1187049 – VUL-1: CVE-2019-25045: kernel-source-rt,kernel-source-azure,kernel-source: An issue was discovered in the Linux kernel before 5.0.19. The XFRM subsystem has a use-after-free, related to an xfrm_state_fini panic, aka CID-dbb2483b2a46.

Bug 1187049 - (CVE-2019-25045) VUL-1: CVE-2019-25045: kernel-source-rt,kernel-source-azure,kernel-source: An issue was discovered in the Linux kernel before 5.0.19. The XFRM subsystem has a use-after-free, related to an xfrm_state_fini panic, aka CID-dbb2483b2a46.

(CVE-2019-25045)
Summary:	VUL-1: CVE-2019-25045: kernel-source-rt,kernel-source-azure,kernel-source: An...

Status:	RESOLVED FIXED

Classification:	Novell Products
Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents
Version:	unspecified
Hardware:	Other Other

Priority:	P4 - Low Severity: Minor
Target Milestone:	---
Assigned To:	Security Team bot
QA Contact:	Security Team bot

URL:	https://smash.suse.de/issue/301365/
Whiteboard:
Keywords:

Depends on:
Blocks:
	Show dependency tree / graph

Create test case

Clone This Bug

Reported:	2021-06-08 13:19 UTC by Marcus Meissner
Modified:	2022-06-09 10:57 UTC (History)
CC List:	6 users (show)

See Also:
Found By:	Security Response Team
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Marcus Meissner 2021-06-08 13:19:43 UTC

CVE-2019-25045

An issue was discovered in the Linux kernel before 5.0.19. The XFRM subsystem
has a use-after-free, related to an xfrm_state_fini panic, aka CID-dbb2483b2a46.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-25045
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25045
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.19
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=dbb2483b2a46fbaf833cfb5deb5ed9cace9c7399
https://syzkaller.appspot.com/bug?id=f99edaeec58ad40380ed5813d89e205861be2896
https://sites.google.com/view/syzscope/warning-in-xfrm_state_fini-2

Comment 1 Marcus Meissner 2021-06-08 13:21:20 UTC

fix is in 5.1 and newer
fixes bug in 4.15+

should not affect any SLE

Comment 3 Takashi Iwai 2021-06-22 15:00:53 UTC

We have a backport of the buggy commit in SLE12-SP5, but it already contains the fix, too.  I'll update the patch reference there.
Other older branches don't contain the backport, and the other newer branches have already based on the fixed upstream release.

Reassigned back to security team.

Comment 8 Swamp Workflow Management 2021-07-14 19:37:28 UTC

SUSE-SU-2021:2321-1: An update that solves 9 vulnerabilities and has 76 fixes is now available.

Category: security (important)
Bug References: 1103990,1103991,1104353,1113994,1114648,1129770,1135481,1136345,1174978,1179610,1182470,1185486,1185677,1185701,1185861,1185863,1186206,1186264,1186463,1186515,1186516,1186517,1186518,1186519,1186520,1186521,1186522,1186523,1186524,1186525,1186526,1186527,1186528,1186529,1186530,1186531,1186532,1186533,1186534,1186535,1186537,1186538,1186539,1186540,1186541,1186542,1186543,1186545,1186546,1186547,1186548,1186549,1186550,1186551,1186552,1186554,1186555,1186556,1186627,1186635,1186638,1186698,1186699,1186700,1186701,1187038,1187049,1187402,1187404,1187407,1187408,1187409,1187411,1187412,1187452,1187453,1187455,1187554,1187595,1187601,1187630,1187631,1187833,1187867,1187972
CVE References: CVE-2019-25045,CVE-2020-24588,CVE-2020-26558,CVE-2020-36386,CVE-2021-0129,CVE-2021-0512,CVE-2021-0605,CVE-2021-33624,CVE-2021-34693
JIRA References: 
Sources used:
SUSE Linux Enterprise Server 12-SP5 (src):    kernel-azure-4.12.14-16.62.1, kernel-source-azure-4.12.14-16.62.1, kernel-syms-azure-4.12.14-16.62.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 9 Swamp Workflow Management 2021-07-14 19:48:07 UTC

SUSE-SU-2021:2349-1: An update that solves 9 vulnerabilities and has 79 fixes is now available.

Category: security (important)
Bug References: 1103990,1103991,1104353,1113994,1114648,1129770,1135481,1136345,1174978,1179610,1182470,1184040,1185428,1185486,1185677,1185701,1185861,1185863,1186206,1186264,1186463,1186515,1186516,1186517,1186518,1186519,1186520,1186521,1186522,1186523,1186524,1186525,1186526,1186527,1186528,1186529,1186530,1186531,1186532,1186533,1186534,1186535,1186537,1186538,1186539,1186540,1186541,1186542,1186543,1186545,1186546,1186547,1186548,1186549,1186550,1186551,1186552,1186554,1186555,1186556,1186627,1186635,1186638,1186698,1186699,1186700,1186701,1187038,1187049,1187402,1187404,1187407,1187408,1187409,1187411,1187412,1187452,1187453,1187455,1187554,1187595,1187601,1187630,1187631,1187833,1187867,1187972,1188010
CVE References: CVE-2019-25045,CVE-2020-24588,CVE-2020-26558,CVE-2020-36386,CVE-2021-0129,CVE-2021-0512,CVE-2021-0605,CVE-2021-33624,CVE-2021-34693
JIRA References: 
Sources used:
SUSE MicroOS 5.0 (src):    kernel-rt-4.12.14-10.49.1
SUSE Linux Enterprise Real Time Extension 12-SP5 (src):    kernel-rt-4.12.14-10.49.1, kernel-rt_debug-4.12.14-10.49.1, kernel-source-rt-4.12.14-10.49.1, kernel-syms-rt-4.12.14-10.49.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 10 Swamp Workflow Management 2021-07-14 20:26:00 UTC

SUSE-SU-2021:2324-1: An update that solves 9 vulnerabilities and has 77 fixes is now available.

Category: security (important)
Bug References: 1103990,1103991,1104353,1113994,1114648,1129770,1135481,1136345,1174978,1179610,1182470,1185486,1185677,1185701,1185861,1185863,1186206,1186264,1186463,1186515,1186516,1186517,1186518,1186519,1186520,1186521,1186522,1186523,1186524,1186525,1186526,1186527,1186528,1186529,1186530,1186531,1186532,1186533,1186534,1186535,1186537,1186538,1186539,1186540,1186541,1186542,1186543,1186545,1186546,1186547,1186548,1186549,1186550,1186551,1186552,1186554,1186555,1186556,1186627,1186635,1186638,1186698,1186699,1186700,1186701,1187038,1187049,1187402,1187404,1187407,1187408,1187409,1187411,1187412,1187452,1187453,1187455,1187554,1187595,1187601,1187630,1187631,1187833,1187867,1187972,1188010
CVE References: CVE-2019-25045,CVE-2020-24588,CVE-2020-26558,CVE-2020-36386,CVE-2021-0129,CVE-2021-0512,CVE-2021-0605,CVE-2021-33624,CVE-2021-34693
JIRA References: 
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP5 (src):    kernel-default-4.12.14-122.77.1
SUSE Linux Enterprise Software Development Kit 12-SP5 (src):    kernel-docs-4.12.14-122.77.1, kernel-obs-build-4.12.14-122.77.1
SUSE Linux Enterprise Server 12-SP5 (src):    kernel-default-4.12.14-122.77.1, kernel-source-4.12.14-122.77.1, kernel-syms-4.12.14-122.77.1
SUSE Linux Enterprise Live Patching 12-SP5 (src):    kernel-default-4.12.14-122.77.1, kgraft-patch-SLE12-SP5_Update_20-1-8.3.1
SUSE Linux Enterprise High Availability 12-SP5 (src):    kernel-default-4.12.14-122.77.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 14 Carlos López 2022-06-09 10:57:18 UTC

Done, closing.