Lucene search

K
ubuntucveUbuntu.comUB:CVE-2019-3701
HistoryJan 03, 2019 - 12:00 a.m.

CVE-2019-3701

2019-01-0300:00:00
ubuntu.com
ubuntu.com
14

4.4 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

0.001 Low

EPSS

Percentile

30.3%

An issue was discovered in can_can_gw_rcv in net/can/gw.c in the Linux
kernel through 4.19.13. The CAN frame modification rules allow bitwise
logical operations that can be also applied to the can_dlc field. The
privileged user “root” with CAP_NET_ADMIN can create a CAN frame
modification rule that makes the data length code a higher value than the
available CAN frame data size. In combination with a configured checksum
calculation where the result is stored relatively to the end of the data
(e.g. cgw_csum_xor_rel) the tail of the skb (e.g. frag_list pointer in
skb_shared_info) can be rewritten which finally can cause a system crash.
Because of a missing check, the CAN drivers may write arbitrary content
beyond the data registers in the CAN controller’s I/O memory when
processing can-gw manipulated outgoing frames.

Bugs

Notes

Author Note
tyhicks The original CVE description that states that an unprivileged user can trigger a system crash is incorrect. Only the root user, from the init namespace, can trigger the system crash. Therefore, we’ll prioritize this issue as negligible.
OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchlinux-aws< 4.15.0-1047.49UNKNOWN
ubuntu14.04noarchlinux-aws< 4.4.0-1040.43UNKNOWN
ubuntu16.04noarchlinux-aws< 4.4.0-1079.89UNKNOWN
ubuntu18.04noarchlinux-azure< 5.0.0-1014.14~18.04.1UNKNOWN
ubuntu16.04noarchlinux-azure< 4.15.0-1056.61UNKNOWN
ubuntu16.04noarchlinux-aws-hwe< 4.15.0-1047.49~16.04.1UNKNOWN
ubuntu18.04noarchlinux< 4.15.0-60.67UNKNOWN
ubuntu16.04noarchlinux< 4.4.0-145.171UNKNOWN
ubuntu18.04noarchlinux-azure-edge< 5.0.0-1014.14~18.04.1UNKNOWN
ubuntu16.04noarchlinux-azure-edge< 4.15.0-1056.61UNKNOWN
Rows per page:
1-10 of 291

4.4 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

0.001 Low

EPSS

Percentile

30.3%

Related for UB:CVE-2019-3701