CVE-2019-25160: netlabel: fix out-of-bounds memory accesses - Greg Kroah-Hartman

From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-cve-announce@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Subject: CVE-2019-25160: netlabel: fix out-of-bounds memory accesses
Date: Mon, 26 Feb 2024 18:20:57 +0100	[thread overview]
Message-ID: <2024022657-CVE-2019-25160-e487@gregkh> (raw)

Description
===========

In the Linux kernel, the following vulnerability has been resolved:

netlabel: fix out-of-bounds memory accesses

There are two array out-of-bounds memory accesses, one in
cipso_v4_map_lvl_valid(), the other in netlbl_bitmap_walk().  Both
errors are embarassingly simple, and the fixes are straightforward.

As a FYI for anyone backporting this patch to kernels prior to v4.8,
you'll want to apply the netlbl_bitmap_walk() patch to
cipso_v4_bitmap_walk() as netlbl_bitmap_walk() doesn't exist before
Linux v4.8.

The Linux kernel CVE team has assigned CVE-2019-25160 to this issue.

Affected and fixed versions
===========================

	Issue introduced in 2.6.19 with commit 3faa8f982f95 and fixed in 3.16.66 with commit 97bc3683c249
	Issue introduced in 2.6.19 with commit 3faa8f982f95 and fixed in 3.18.137 with commit c61d01faa555
	Issue introduced in 2.6.19 with commit 3faa8f982f95 and fixed in 4.4.177 with commit dc18101f95fa
	Issue introduced in 2.6.19 with commit 3faa8f982f95 and fixed in 4.9.163 with commit 1c973f9c7cc2
	Issue introduced in 2.6.19 with commit 3faa8f982f95 and fixed in 4.14.106 with commit fcfe700acdc1
	Issue introduced in 2.6.19 with commit 3faa8f982f95 and fixed in 4.19.28 with commit e3713abc4248
	Issue introduced in 2.6.19 with commit 3faa8f982f95 and fixed in 4.20.15 with commit fbf9578919d6
	Issue introduced in 2.6.19 with commit 3faa8f982f95 and fixed in 5.0 with commit 5578de4834fe

Please see https://www.kernel.org or a full list of currently supported
kernel versions by the kernel community.

Unaffected versions might change over time as fixes are backported to
older supported kernel versions.  The official CVE entry at
	https://cve.org/CVERecord/?id=CVE-2019-25160
will be updated if fixes are backported, please check that for the most
up to date information about this issue.

Affected files
==============

The file(s) affected by this issue are:
	net/ipv4/cipso_ipv4.c
	net/netlabel/netlabel_kapi.c

Mitigation
==========

The Linux kernel CVE team recommends that you update to the latest
stable kernel version for this, and many other bugfixes.  Individual
changes are never tested alone, but rather are part of a larger kernel
release.  Cherry-picking individual commits is not recommended or
supported by the Linux kernel community at all.  If however, updating to
the latest release is impossible, the individual changes to resolve this
issue can be found at these commits:
	https://git.kernel.org/stable/c/97bc3683c24999ee621d847c9348c75d2fe86272
	https://git.kernel.org/stable/c/c61d01faa5550e06794dcf86125ccd325bfad950
	https://git.kernel.org/stable/c/dc18101f95fa6e815f426316b8b9a5cee28a334e
	https://git.kernel.org/stable/c/1c973f9c7cc2b3caae93192fdc8ecb3f0b4ac000
	https://git.kernel.org/stable/c/fcfe700acdc1c72eab231300e82b962bac2b2b2c
	https://git.kernel.org/stable/c/e3713abc4248aa6bcc11173d754c418b02a62cbb
	https://git.kernel.org/stable/c/fbf9578919d6c91100ec63acf2cba641383f6c78
	https://git.kernel.org/stable/c/5578de4834fe0f2a34fedc7374be691443396d1f