Allele Security Alert
ASA-2019-00630
Identifier(s)
ASA-2019-00630, CVE-2019-18683, CID-6dcd5d7a7a29
Title
Wrong locking causes race conditions on streaming stop in vivid driver
Vendor(s)
Linux foundation
Product(s)
Linux kernel
Affected version(s)
Linux kernel versions 5.4.x before 5.4.1
Linux kernel versions 5.3.x before 5.3.14
Linux kernel versions 4.14.x before 4.14.157
Linux kernel versions 4.19.x before 4.19.87
Linux kernel versions 4.9.x before 4.9.204
Linux kernel versions 4.4.x before 4.4.204
Fixed version(s)
Linux kernel version 5.4.1
Linux kernel version 5.3.14
Linux kernel version 4.14.157
Linux kernel version 4.19.87
Linux kernel version 4.9.204
Linux kernel version 4.4.204
Linux kernel versions with the following commit:
media: vivid: Fix wrong locking that causes race conditions on streaming stop
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6dcd5d7a7a29c1e4b8016a06aed78cd650cd8c27
Proof of concept
Yes
Description
An issue was discovered in drivers/media/platform/vivid in the Linux kernel. It is exploitable for privilege escalation on some Linux distributions where local users have /dev/video0 access, but only if the driver happens to be loaded. There are multiple race conditions during streaming stopping in this driver (part of the V4L2 subsystem).
Technical details
Unknown
Credits
Alexander Popov
Reference(s)
media: vivid: Fix wrong locking that causes race conditions on streaming stop
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6dcd5d7a7a29c1e4b8016a06aed78cd650cd8c27
media: vivid: Fix wrong locking that causes race conditions on streaming stop
https://github.com/torvalds/linux/commit/6dcd5d7a7a29c1e4b8016a06aed78cd650cd8c27
[PATCH v4 1/1] media: vivid: Fix wrong locking that causes race conditions on streaming stop
https://lore.kernel.org/lkml/20191103221719.27118-1-alex.popov@linux.com/
[ Linux kernel ] Exploitable bugs in drivers/media/platform/vivid
https://www.openwall.com/lists/oss-security/2019/11/02/1
media: vivid: Fix wrong locking that causes race conditions on streaming stop
https://git.linuxtv.org/media_tree.git/commit/?id=6dcd5d7a7a29c1e4b8016a06aed78cd650cd8c27
Linux 5.4.1
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.1
Linux 5.3.14
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.14
Linux 4.14.157
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.157
Linux 4.19.87
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.87
Linux 4.9.204
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.204
Linux 4.4.204
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.204
CVE-2019-18683 | SUSE
https://www.suse.com/security/cve/CVE-2019-18683
https://people.canonical.com/~ubuntu-security/cve/CVE-2019-18683.html
CVE-2019-18683 - Red Hat Customer Portal
https://access.redhat.com/security/cve/CVE-2019-18683
CVE-2019-18683
https://security-tracker.debian.org/tracker/CVE-2019-18683
CVE-2019-18683
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18683
CVE-2019-18683
https://nvd.nist.gov/vuln/detail/CVE-2019-18683
If there is any error in this alert or you wish a comprehensive analysis, let us know.
Last modified: December 6, 2019