CVE-2019-18282

Priority
Description
The flow_dissector feature in the Linux kernel 4.3 through 5.x before
5.3.10 has a device tracking vulnerability, aka CID-55667441c84f. This
occurs because the auto flowlabel of a UDP IPv6 packet relies on a 32-bit
hashrnd value as a secret, and because jhash (instead of siphash) is used.
The hashrnd value remains the same starting from boot time, and can be
inferred by an attacker. This affects net/core/flow_dissector.c and related
code.
Notes
Package
Source: linux (LP Ubuntu Debian)
Upstream:released (5.4~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):ignored (was needed ESM criteria)
Ubuntu 14.04 ESM (Trusty Tahr):ignored (was needed ESM criteria)
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-170.199)
Ubuntu 18.04 LTS (Bionic Beaver):released (4.15.0-74.84)
Ubuntu 20.04 LTS (Focal Fossa):not-affected (5.4.0-9.12)
Ubuntu 20.10 (Groovy Gorilla):not-affected (5.4.0-26.30)
Patches:
Break-fix:cb1ce2ef387b01686469487edd45994872d52d73
Package
Upstream:released (5.4~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):pending (4.4.0-1059.63)
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-1099.110)
Ubuntu 18.04 LTS (Bionic Beaver):released (4.15.0-1057.59)
Ubuntu 20.04 LTS (Focal Fossa):not-affected (5.4.0-1005.5)
Ubuntu 20.10 (Groovy Gorilla):not-affected (5.4.0-1009.9)
Package
Upstream:released (5.4~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):released (5.0.0-1023.26~18.04.1)
Ubuntu 20.04 LTS (Focal Fossa):DNE
Ubuntu 20.10 (Groovy Gorilla):DNE
Package
Upstream:released (5.4~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (5.3.0-1016.17~18.04.1)
Ubuntu 20.04 LTS (Focal Fossa):DNE
Ubuntu 20.10 (Groovy Gorilla):DNE
Package
Upstream:released (5.4~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (5.4.0-1018.18~18.04.1)
Ubuntu 20.04 LTS (Focal Fossa):DNE
Ubuntu 20.10 (Groovy Gorilla):DNE
Package
Upstream:released (5.4~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.15.0-1057.59~16.04.1)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 20.04 LTS (Focal Fossa):DNE
Ubuntu 20.10 (Groovy Gorilla):DNE
Package
Upstream:released (5.4~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):released (4.15.0-1066.71~14.04.1)
Ubuntu 16.04 LTS (Xenial Xerus):released (4.15.0-1066.71)
Ubuntu 18.04 LTS (Bionic Beaver):released (5.0.0-1028.30~18.04.1)
Ubuntu 20.04 LTS (Focal Fossa):not-affected (5.4.0-1006.6)
Ubuntu 20.10 (Groovy Gorilla):not-affected (5.4.0-1010.10)
Package
Upstream:released (5.4~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (4.15.0-1082.92)
Ubuntu 20.04 LTS (Focal Fossa):DNE
Ubuntu 20.10 (Groovy Gorilla):DNE
Package
Upstream:released (5.4~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):released (5.3.0-1008.9~18.04.1)
Ubuntu 20.04 LTS (Focal Fossa):DNE
Ubuntu 20.10 (Groovy Gorilla):DNE
Package
Upstream:released (5.4~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (5.4.0-1020.20~18.04.1)
Ubuntu 20.04 LTS (Focal Fossa):DNE
Ubuntu 20.10 (Groovy Gorilla):DNE
Package
Upstream:released (5.4~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):ignored (was needs-triage now end-of-life)
Ubuntu 20.04 LTS (Focal Fossa):DNE
Ubuntu 20.10 (Groovy Gorilla):DNE
Package
Upstream:released (5.4~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.15.0-1052.56)
Ubuntu 18.04 LTS (Bionic Beaver):released (5.0.0-1028.29~18.04.1)
Ubuntu 20.04 LTS (Focal Fossa):not-affected (5.4.0-1005.5)
Ubuntu 20.10 (Groovy Gorilla):not-affected (5.4.0-1009.9)
Package
Upstream:released (5.4~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (4.15.0-1071.81)
Ubuntu 20.04 LTS (Focal Fossa):DNE
Ubuntu 20.10 (Groovy Gorilla):DNE
Package
Upstream:released (5.4~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):released (5.3.0-1009.10~18.04.1)
Ubuntu 20.04 LTS (Focal Fossa):DNE
Ubuntu 20.10 (Groovy Gorilla):DNE
Package
Upstream:released (5.4~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (5.4.0-1019.19~18.04.2)
Ubuntu 20.04 LTS (Focal Fossa):DNE
Ubuntu 20.10 (Groovy Gorilla):DNE
Package
Upstream:released (5.4~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):ignored (was needs-triage now end-of-life)
Ubuntu 20.04 LTS (Focal Fossa):DNE
Ubuntu 20.10 (Groovy Gorilla):DNE
Package
Upstream:released (5.4~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):released (4.15.0-1050.53)
Ubuntu 20.04 LTS (Focal Fossa):DNE
Ubuntu 20.10 (Groovy Gorilla):DNE
Package
Upstream:released (5.4~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):released (5.0.0-1027.28~18.04.1)
Ubuntu 20.04 LTS (Focal Fossa):DNE
Ubuntu 20.10 (Groovy Gorilla):DNE
Package
Upstream:released (5.4~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (5.3.0-1011.12~18.04.1)
Ubuntu 20.04 LTS (Focal Fossa):DNE
Ubuntu 20.10 (Groovy Gorilla):DNE
Package
Upstream:released (5.4~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.15.0-74.83~16.04.1)
Ubuntu 18.04 LTS (Bionic Beaver):released (5.3.0-26.28~18.04.1)
Ubuntu 20.04 LTS (Focal Fossa):DNE
Ubuntu 20.10 (Groovy Gorilla):DNE
Package
Upstream:released (5.4~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (5.4.0-37.41~18.04.1)
Ubuntu 20.04 LTS (Focal Fossa):DNE
Ubuntu 20.10 (Groovy Gorilla):DNE
Package
Upstream:released (5.4~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):ignored (was needs-triage now end-of-life)
Ubuntu 18.04 LTS (Bionic Beaver):ignored (was needs-triage now end-of-life)
Ubuntu 20.04 LTS (Focal Fossa):DNE
Ubuntu 20.10 (Groovy Gorilla):DNE
Package
Upstream:released (5.4~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-1063.70)
Ubuntu 18.04 LTS (Bionic Beaver):released (4.15.0-1052.52)
Ubuntu 20.04 LTS (Focal Fossa):not-affected (5.4.0-1004.4)
Ubuntu 20.10 (Groovy Gorilla):not-affected (5.4.0-1009.9)
Package
Upstream:released (5.4~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):ignored (was needed ESM criteria)
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 20.04 LTS (Focal Fossa):DNE
Ubuntu 20.10 (Groovy Gorilla):DNE
Package
Upstream:released (5.4~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):pending (4.4.0-170.199~14.04.1)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 20.04 LTS (Focal Fossa):DNE
Ubuntu 20.10 (Groovy Gorilla):DNE
Package
Upstream:released (5.4~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):ignored (was needs-triage now end-of-life)
Ubuntu 18.04 LTS (Bionic Beaver):released (4.15.0-1066.76)
Ubuntu 20.04 LTS (Focal Fossa):DNE
Ubuntu 20.10 (Groovy Gorilla):DNE
Package
Upstream:released (5.4~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 20.04 LTS (Focal Fossa):not-affected (5.6.0-1007.7)
Ubuntu 20.10 (Groovy Gorilla):DNE
Package
Upstream:released (5.4~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):released (5.0.0-1033.38)
Ubuntu 20.04 LTS (Focal Fossa):DNE
Ubuntu 20.10 (Groovy Gorilla):DNE
Package
Upstream:released (5.4~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.15.0-1031.34~16.04.1)
Ubuntu 18.04 LTS (Bionic Beaver):released (4.15.0-1031.34)
Ubuntu 20.04 LTS (Focal Fossa):not-affected (5.4.0-1005.5)
Ubuntu 20.10 (Groovy Gorilla):not-affected (5.4.0-1009.9)
Package
Upstream:released (5.4~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):released (5.0.0-1009.14~18.04.1)
Ubuntu 20.04 LTS (Focal Fossa):DNE
Ubuntu 20.10 (Groovy Gorilla):DNE
Package
Upstream:released (5.4~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (5.3.0-1011.12~18.04.1)
Ubuntu 20.04 LTS (Focal Fossa):DNE
Ubuntu 20.10 (Groovy Gorilla):DNE
Package
Upstream:released (5.4~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (5.4.0-1019.19~18.04.1)
Ubuntu 20.04 LTS (Focal Fossa):DNE
Ubuntu 20.10 (Groovy Gorilla):DNE
Package
Upstream:released (5.4~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 20.04 LTS (Focal Fossa):not-affected (5.4.0-1007.7)
Ubuntu 20.10 (Groovy Gorilla):not-affected (5.4.0-1008.8)
Package
Upstream:released (5.4~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (5.4.0-1013.13~18.04.1)
Ubuntu 20.04 LTS (Focal Fossa):DNE
Ubuntu 20.10 (Groovy Gorilla):DNE
Package
Upstream:released (5.4~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-1126.135)
Ubuntu 18.04 LTS (Bionic Beaver):released (4.15.0-1053.57)
Ubuntu 20.04 LTS (Focal Fossa):ignored (was needed now end-of-life)
Ubuntu 20.10 (Groovy Gorilla):DNE
Package
Upstream:released (5.4~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (5.3.0-1017.19~18.04.1)
Ubuntu 20.04 LTS (Focal Fossa):DNE
Ubuntu 20.10 (Groovy Gorilla):DNE
Package
Upstream:released (5.4~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 20.04 LTS (Focal Fossa):not-affected (5.4.0-24.28)
Ubuntu 20.10 (Groovy Gorilla):not-affected (5.4.0-24.28)
Package
Upstream:released (5.4~rc6)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-1130.138)
Ubuntu 18.04 LTS (Bionic Beaver):released (4.15.0-1070.77)
Ubuntu 20.04 LTS (Focal Fossa):DNE
Ubuntu 20.10 (Groovy Gorilla):DNE
More Information

Updated: 2020-10-03 02:16:00 UTC (commit 7e4c2c72cab6fe0d2222018549e8910cb588d73e)