Vulnerability identifier: #VU26993

Vulnerability risk: Low

CVSSv3.1: 6.2 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2019-15666

CWE-ID: CWE-125

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
Linux kernel
Operating systems & Components / Operating system

Vendor: Linux Foundation

Description

The vulnerability allows a local user to perform a denial of service attack.

The vulnerability exists due to a boundary condition in __xfrm_policy_unlink, which will cause denial of service, because verify_newpolicy_info in net/xfrm/xfrm_user.c mishandles directory validation.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Linux kernel: 5.0.0 - 5.0.18

---

External links
http://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.19
http://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b805d78d300bcf2c83d6df7da0c818b0fee41427
http://lists.debian.org/debian-lts-announce/2019/09/msg00014.html
http://lists.debian.org/debian-lts-announce/2019/09/msg00015.html

---

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.