Allele Security Alert
ASA-2019-00643
Identifier(s)
ASA-2019-00643, CVE-2019-18807, CID-68501df92d11
Title
Two memory leaks in sja1105_static_config_upload()
Vendor(s)
Linux Foundation
Product(s)
Linux kernel
Affected version(s)
Linux kernel versions before 5.4
Linux kernel versions 5.3.x before 5.3.5
Linux kernel versions since the following commit:
net: dsa: Introduce driver for NXP SJA1105 5-port L2 switch
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=8aa9ebccae87621d997707e4f25e53fddd7e30e4
net: dsa: sja1105: Prevent PHY jabbering during switch reset
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1a4c69406cc1c3c42bb7391c8eb544e93fe9b320
Fixed version(s)
Linux kernel version 5.4
Linux kernel version 5.3.5
Linux kernel versions with the following commit applied:
net: dsa: sja1105: Prevent leaking memory
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=68501df92d116b760777a2cfda314789f926476f
Proof of concept
Unknown
Description
Two memory leaks in the sja1105_static_config_upload() function in drivers/net/dsa/sja1105/sja1105_spi.c in the Linux kernel allow attackers to cause a denial of service (memory consumption) by triggering static_config_buf_prepare_for_upload() or sja1105_inhibit_tx() failures.
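An added illustration, not code from this alert or from the kernel: a user-space C model of the leak pattern the description names, where a buffer allocated early in a function is lost when either of two later steps fails and the function returns without freeing it, next to a single-exit version that frees on every path. All function names, the buffer size, the error codes and the `fail_at` switch are assumptions of this example.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
static int live_buffers; /* constructed counter of live allocations; makes a leak observable */
static void *buf_alloc(size_t n) { void *p = calloc(1, n); if (p) live_buffers++; return p; }
static void buf_free(void *p) { if (p) { free(p); live_buffers--; } }
/* Hypothetical switch selecting which of the two steps fails. */
enum fail_at { FAIL_NONE, FAIL_PREPARE, FAIL_INHIBIT_TX };
static int prepare_step(enum fail_at f) { return f == FAIL_PREPARE ? -1 : 0; }
static int inhibit_tx_step(enum fail_at f) { return f == FAIL_INHIBIT_TX ? -1 : 0; }

/* Leaky shape: each early return skips the free at the end of the function. */
int upload_leaky(enum fail_at f)
{
    void *config_buf = buf_alloc(256);
    if (!config_buf) return -ENOMEM;
    if (prepare_step(f) < 0) return -EINVAL;     /* buffer never freed */
    if (inhibit_tx_step(f) < 0) return -EIO;     /* buffer never freed */
    buf_free(config_buf);
    return 0;
}

/* Single-exit shape: every failure after the allocation reaches the same free. */
int upload_single_exit(enum fail_at f)
{
    int rc = 0;
    void *config_buf = buf_alloc(256);
    if (!config_buf) return -ENOMEM;
    if (prepare_step(f) < 0) { rc = -EINVAL; goto out; }
    if (inhibit_tx_step(f) < 0) rc = -EIO;
out:
    buf_free(config_buf);
    return rc;
}

/* Number of buffers still allocated after `calls` uploads that fail at `f`. */
int leaked_after(int (*upload)(enum fail_at), enum fail_at f, int calls)
{
    live_buffers = 0;
    for (int i = 0; i < calls; i++) upload(f);
    return live_buffers;
}

int main(void)
{
    printf("leaky: %d buffers lost\n", leaked_after(upload_leaky, FAIL_PREPARE, 100));
    printf("single exit: %d buffers lost\n", leaked_after(upload_single_exit, FAIL_PREPARE, 100));
    return 0;
}
```

Each failed call of the leaky version strands one buffer, so repeated failures grow memory use without bound, which is the denial-of-service condition the description refers to.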
Technical details
Unknown
Credits
Unknown
Reference(s)
net: dsa: sja1105: Prevent leaking memory
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=68501df92d116b760777a2cfda314789f926476f
net: dsa: Introduce driver for NXP SJA1105 5-port L2 switch
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=8aa9ebccae87621d997707e4f25e53fddd7e30e4
net: dsa: sja1105: Prevent PHY jabbering during switch reset
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1a4c69406cc1c3c42bb7391c8eb544e93fe9b320
Linux 5.4
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4
Linux 5.3.5
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.5
CVE-2019-18807 - Red Hat Customer Portal
https://access.redhat.com/security/cve/CVE-2019-18807
https://people.canonical.com/~ubuntu-security/cve/CVE-2019-18807.html
CVE-2019-18807
https://security-tracker.debian.org/tracker/CVE-2019-18807
CVE-2019-18807
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18807
CVE-2019-18807
https://nvd.nist.gov/vuln/detail/CVE-2019-18807
If there is any error in this alert or you wish a comprehensive analysis, let us know.
Last modified: December 10, 2019