Linux Kernel 'can_can_gw_rcv in net/can/gw.c' Local Denial of Service Vulnerability

Bugtraq ID:	106443
Class:	Failure to Handle Exceptional Conditions
CVE:	CVE-2019-3701
Remote:	No
Local:	Yes
Published:	Dec 28 2018 12:00AM
Updated:	Dec 28 2018 12:00AM
Credit:	Muyu Yu
Vulnerable:	Linux kernel 4.19.13 Linux kernel 4.19.2 Linux kernel 4.18.16 Linux kernel 4.18.12 Linux kernel 4.18.11 Linux kernel 4.18.9 Linux kernel 4.18.6 Linux kernel 4.18.5 Linux kernel 4.17.7 Linux kernel 4.17.3 Linux kernel 4.17.2 Linux kernel 4.17.1 Linux kernel 4.16.11 Linux kernel 4.16.9 Linux kernel 4.16.6 Linux kernel 4.16.3 Linux kernel 4.15.14 Linux kernel 4.15.11 Linux kernel 4.15.9 Linux kernel 4.15.4 Linux kernel 4.14.78 Linux kernel 4.14.71 Linux kernel 4.14.67 Linux kernel 4.14.31 Linux kernel 4.14.13 + EnGarde Secure Linux 1.0.1 + Immunix Immunix OS 7+ + MandrakeSoft Single Network Firewall 7.2 + Mandriva Linux Mandrake 8.1 + Mandriva Linux Mandrake 8.0 ppc + Mandriva Linux Mandrake 8.0 + SuSE Linux 7.0 + SuSE Linux 6.4 + SuSE Linux 6.3 + Trustix Secure Linux 1.5 Linux kernel 4.14.11 + EnGarde Secure Linux 1.0.1 + Immunix Immunix OS 7+ + MandrakeSoft Single Network Firewall 7.2 + Mandriva Linux Mandrake 8.1 + Mandriva Linux Mandrake 8.0 ppc + Mandriva Linux Mandrake 8.0 + SuSE Linux 7.0 + SuSE Linux 6.4 + SuSE Linux 6.3 + Trustix Secure Linux 1.5 Linux kernel 4.14.10 Linux kernel 4.14.6 Linux kernel 4.14.5 Linux kernel 4.14.1 Linux kernel 4.13.11 Linux kernel 4.13.10 Linux kernel 4.13.9 Linux kernel 4.13.8 Linux kernel 4.13.7 Linux kernel 4.13.6 Linux kernel 4.13.4 Linux kernel 4.13.3 Linux kernel 4.12.9 Linux kernel 4.12.4 Linux kernel 4.12.3 Linux kernel 4.12.2 Linux kernel 4.11.9 Linux kernel 4.11.5 Linux kernel 4.11.4 Linux kernel 4.11.3 Linux kernel 4.11.2 Linux kernel 4.11.1 Linux kernel 4.11 Linux kernel 4.10.15 Linux kernel 4.10.13 Linux kernel 4.10.12 Linux kernel 4.10.10 Linux kernel 4.10.6 Linux kernel 4.10.4 Linux kernel 4.10 Linux kernel 4.9.135 Linux kernel 4.9.128 Linux kernel 4.9.74 Linux kernel 4.9.71 Linux kernel 4.9.68 Linux kernel 4.9.36 Linux kernel 4.9.13 Linux kernel 4.9.8 Linux kernel 4.9.4 Linux kernel 4.9.3 Linux kernel 4.8.11 Linux kernel 4.7.4 Linux kernel 4.4.157 Linux kernel 4.4.125 Linux kernel 4.4.105 Linux kernel 4.4.30 Linux kernel 4.4.29 Linux kernel 4.4.28 Linux kernel 4.4.27 Linux kernel 4.4.25 Linux kernel 4.4.24 + SuSE Linux 7.2 Linux kernel 4.4.23 Linux kernel 4.4.22 Linux kernel 4.4.7 Linux kernel 4.4.2 Linux kernel 4.2.3 Linux kernel 4.1.47 Linux kernel 4.1.4 Linux kernel 4.1.1 Linux kernel 4.0.6 Linux kernel 4.9.9 Linux kernel 4.9.11 Linux kernel 4.9 Linux kernel 4.8.7 Linux kernel 4.8.6 Linux kernel 4.8.3 Linux kernel 4.8.14 Linux kernel 4.8.13 Linux kernel 4.8.12 Linux kernel 4.8.1 Linux kernel 4.8 rc1 Linux kernel 4.8 Linux kernel 4.7.9 Linux kernel 4.7-rc6 Linux kernel 4.7-rc5 Linux kernel 4.7-rc1 Linux kernel 4.6.3 Linux kernel 4.6.2 Linux kernel 4.6.1 Linux kernel 4.6-rc1 Linux kernel 4.6 rc7 Linux kernel 4.6 rc6 Linux kernel 4.6 Linux kernel 4.5.5 Linux kernel 4.5-rc7 Linux kernel 4.5-rc4 Linux kernel 4.5-rc2 Linux kernel 4.5-rc1 Linux kernel 4.5 Linux kernel 4.4.38 Linux kernel 4.4.26 Linux kernel 4.4.14 Linux kernel 4.4.1 Linux kernel 4.4.0-57 Linux kernel 4.4-rc5 Linux kernel 4.4-rc4 Linux kernel 4.4-rc1 Linux kernel 4.4 Linux kernel 4.3.3 Linux kernel 4.3-rc1 Linux kernel 4.2.8 Linux kernel 4.2 Linux kernel 4.19 Linux kernel 4.18.1 Linux kernel 4.18 Linux kernel 4.17.4 Linux kernel 4.17.11 Linux kernel 4.17.10 Linux kernel 4.17-rc2 Linux kernel 4.17 Linux kernel 4.16-rc7 Linux kernel 4.16-rc6 Linux kernel 4.16-rc Linux kernel 4.16 Linux kernel 4.15.8 Linux kernel 4.15.7 Linux kernel 4.15.16 Linux kernel 4.15-rc8 Linux kernel 4.15-rc5 Linux kernel 4.15-rc4 Linux kernel 4.15 Linux kernel 4.14.8 Linux kernel 4.14.7 + EnGarde Secure Linux 1.0.1 + Immunix Immunix OS 7+ + MandrakeSoft Single Network Firewall 7.2 + Mandriva Linux Mandrake 8.1 + Mandriva Linux Mandrake 8.0 ppc + Mandriva Linux Mandrake 8.0 + SuSE Linux 7.0 + SuSE Linux 6.4 + SuSE Linux 6.3 + Trustix Secure Linux 1.5 Linux kernel 4.14.4 Linux kernel 4.14.3 Linux kernel 4.14.2 Linux kernel 4.14.15 Linux kernel 4.14.14 Linux kernel 4.14-rc5 Linux kernel 4.14-rc1 Linux kernel 4.14 Linux kernel 4.13.5 Linux kernel 4.13.2 Linux kernel 4.13.1 Linux kernel 4.13 Linux kernel 4.12.10 Linux kernel 4.12.1 Linux kernel 4.12-rc1 Linux kernel 4.12 Linux kernel 4.11.8 Linux kernel 4.11.7 Linux kernel 4.11 Linux kernel 4.10.9 Linux kernel 4.10.8 Linux kernel 4.10.7 Linux kernel 4.10.5 Linux kernel 4.10.3 Linux kernel 4.10.2 Linux kernel 4.10.11 Linux kernel 4.10.1 Linux kernel 4.10-rc8 Linux kernel 4.10-rc1 Linux kernel 4.1.15 Linux kernel 4.1 Linux kernel 4.0.5 Linux kernel 4.0-rc1 Linux kernel 4.0
Not Vulnerable:

Linux Kernel 'can_can_gw_rcv in net/can/gw.c' Local Denial of Service Vulnerability

Linux Kernel is prone to a local denial-of-service vulnerability.

A local attacker can exploit this issue to crash the driver or kernel, leading to a denial-of-service condition.

Versions through Linux Kernel 4.19.13 are vulnerable.

Linux Kernel 'can_can_gw_rcv in net/can/gw.c' Local Denial of Service Vulnerability

The researcher who discovered this issue has created a proof-of-concept. Please see the references for more information.

Linux Kernel 'can_can_gw_rcv in net/can/gw.c' Local Denial of Service Vulnerability

Solution:
Updates are available. Please see the references or vendor advisory for more information.

Linux Kernel 'can_can_gw_rcv in net/can/gw.c' Local Denial of Service Vulnerability

References:

• Linux kernel Homepage (kernel.org)
  
• Bug 1120386 - (CVE-2019-3701) VUL-0: CVE-2019-3701: kernel: crash in CAN driver ()
  
• Oracle Linux Bulletin - April 2019 (Oracle)
  
• Subject: [PATCH] can: gw: ensure DLC boundaries after CAN frame modification ()