Vulnerability Details : CVE-2019-10638
In the Linux kernel before 5.1.7, a device can be tracked by an attacker using the IP ID values the kernel produces for connection-less protocols (e.g., UDP and ICMP). When such traffic is sent to multiple destination IP addresses, it is possible to obtain hash collisions (of indices to the counter array) and thereby obtain the hashing key (via enumeration). An attack may be conducted by hosting a crafted web page that uses WebRTC or gQUIC to force UDP traffic to attacker-controlled IP addresses.
Products affected by CVE-2019-10638
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Threat overview for CVE-2019-10638
Top open port discovered on systems with this issue: 49152
IPs affected by CVE-2019-10638: 23,187
Threat actors abusing this issue? Yes
Exploit prediction scoring system (EPSS) score for CVE-2019-10638
0.33%: probability of exploitation activity in the next 30 days
~ 71%: percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2019-10638
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.3 | MEDIUM | AV:N/AC:M/Au:N/C:P/I:N/A:N | 8.6 | 2.9 | NIST | |
6.5 | MEDIUM | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 2.8 | 3.6 | NIST | |
CWE ids for CVE-2019-10638
- The product stores or transmits sensitive data using an encryption scheme that is theoretically sound, but is not strong enough for the level of protection required. Assigned by: nvd@nist.gov (Primary)
References for CVE-2019-10638
- https://arxiv.org/pdf/1906.10478.pdf
  Third Party Advisory
- https://www.debian.org/security/2019/dsa-4495
  Debian -- Security Information -- DSA-4495-1 linux
- https://usn.ubuntu.com/4117-1/
  USN-4117-1: Linux kernel (AWS) vulnerabilities | Ubuntu security notices
- https://seclists.org/bugtraq/2019/Nov/11
  Bugtraq: [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)
- https://security.netapp.com/advisory/ntap-20190806-0001/
  July 2019 Linux Kernel Vulnerabilities in NetApp Products | NetApp Product Security
- https://usn.ubuntu.com/4118-1/
  USN-4118-1: Linux kernel (AWS) vulnerabilities | Ubuntu security notices
- https://lists.debian.org/debian-lts-announce/2019/08/msg00016.html
  [SECURITY] [DLA 1884-1] linux security update
- https://access.redhat.com/errata/RHSA-2019:3517
  RHSA-2019:3517 - Security Advisory - Red Hat Customer Portal
- http://www.securityfocus.com/bid/109092
  Linux Kernel CVE-2019-10638 Information Disclosure Vulnerability (Third Party Advisory)
- https://usn.ubuntu.com/4114-1/
  USN-4114-1: Linux kernel vulnerabilities | Ubuntu security notices
- https://usn.ubuntu.com/4116-1/
  USN-4116-1: Linux kernel vulnerabilities | Ubuntu security notices
- http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html
  Slackware Security Advisory - Slackware 14.2 kernel Updates ≈ Packet Storm
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.8
  Mailing List; Release Notes; Vendor Advisory
- http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00025.html
  [security-announce] openSUSE-SU-2019:1757-1: important: Security update
- https://www.oracle.com/security-alerts/cpuApr2021.html
  Oracle Critical Patch Update Advisory - April 2021
- https://github.com/torvalds/linux/commit/55f0fc7a02de8f12757f4937143d8d5091b2e40b
  inet: update the IP ID generation algorithm to higher standards. · torvalds/linux@55f0fc7 · GitHub (Patch; Third Party Advisory)
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.1.7
  Mailing List; Release Notes; Vendor Advisory
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=df453700e8d81b1bdafdf684365ee2b9431fb702
  kernel/git/torvalds/linux.git - Linux kernel source tree (Mailing List; Patch; Vendor Advisory)
- http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00014.html
  [security-announce] openSUSE-SU-2019:1716-1: important: Security update
- https://www.debian.org/security/2019/dsa-4497
  Debian -- Security Information -- DSA-4497-1 linux
- https://github.com/torvalds/linux/commit/df453700e8d81b1bdafdf684365ee2b9431fb702
  inet: switch IP ID generator to siphash · torvalds/linux@df45370 · GitHub (Patch; Third Party Advisory)
- https://usn.ubuntu.com/4115-1/
  USN-4115-1: Linux kernel vulnerabilities | Ubuntu security notices
- https://github.com/torvalds/linux/commit/355b98553789b646ed97ad801a619ff898471b92
  netns: provide pure entropy for net_hash_mix() · torvalds/linux@355b985 · GitHub (Patch; Third Party Advisory)
- https://seclists.org/bugtraq/2019/Aug/13
  Bugtraq: [SECURITY] [DSA 4495-1] linux security update
- https://access.redhat.com/errata/RHSA-2019:3309
  RHSA-2019:3309 - Security Advisory - Red Hat Customer Portal
- https://lists.debian.org/debian-lts-announce/2019/08/msg00017.html
  [SECURITY] [DLA 1885-1] linux-4.9 security update
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=355b98553789b646ed97ad801a619ff898471b92
  kernel/git/torvalds/linux.git - Linux kernel source tree (Mailing List; Patch; Vendor Advisory)
- https://seclists.org/bugtraq/2019/Aug/18
  Bugtraq: [SECURITY] [DSA 4497-1] linux security update