{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2019-25160","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2024-02-26T17:07:20.465Z","datePublished":"2024-02-26T17:20:19.490Z","dateUpdated":"2025-05-04T06:58:16.017Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2025-05-04T06:58:16.017Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nnetlabel: fix out-of-bounds memory accesses\n\nThere are two array out-of-bounds memory accesses, one in\ncipso_v4_map_lvl_valid(), the other in netlbl_bitmap_walk().  Both\nerrors are embarassingly simple, and the fixes are straightforward.\n\nAs a FYI for anyone backporting this patch to kernels prior to v4.8,\nyou'll want to apply the netlbl_bitmap_walk() patch to\ncipso_v4_bitmap_walk() as netlbl_bitmap_walk() doesn't exist before\nLinux v4.8."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["net/ipv4/cipso_ipv4.c","net/netlabel/netlabel_kapi.c"],"versions":[{"version":"446fda4f26822b2d42ab3396aafcedf38a9ff2b6","lessThan":"97bc3683c24999ee621d847c9348c75d2fe86272","status":"affected","versionType":"git"},{"version":"446fda4f26822b2d42ab3396aafcedf38a9ff2b6","lessThan":"c61d01faa5550e06794dcf86125ccd325bfad950","status":"affected","versionType":"git"},{"version":"446fda4f26822b2d42ab3396aafcedf38a9ff2b6","lessThan":"dc18101f95fa6e815f426316b8b9a5cee28a334e","status":"affected","versionType":"git"},{"version":"446fda4f26822b2d42ab3396aafcedf38a9ff2b6","lessThan":"1c973f9c7cc2b3caae93192fdc8ecb3f0b4ac000","status":"affected","versionType":"git"},{"version":"446fda4f26822b2d42ab3396aafcedf38a9ff2b6","lessThan":"fcfe700acdc1c72eab231300e82b962bac2b2b2c","status":"affected","versionType":"git"},{"version":"446fda4f26822b2d42ab3396aafcedf38a9ff2b6","lessThan":"e3713abc4248aa6bcc11173d754c418b02a62cbb","status":"affected","versionType":"git"},{"version":"446fda4f26822b2d42ab3396aafcedf38a9ff2b6","lessThan":"fbf9578919d6c91100ec63acf2cba641383f6c78","status":"affected","versionType":"git"},{"version":"446fda4f26822b2d42ab3396aafcedf38a9ff2b6","lessThan":"5578de4834fe0f2a34fedc7374be691443396d1f","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["net/ipv4/cipso_ipv4.c","net/netlabel/netlabel_kapi.c"],"versions":[{"version":"2.6.19","status":"affected"},{"version":"0","lessThan":"2.6.19","status":"unaffected","versionType":"semver"},{"version":"3.16.66","lessThanOrEqual":"3.16.*","status":"unaffected","versionType":"semver"},{"version":"3.18.137","lessThanOrEqual":"3.18.*","status":"unaffected","versionType":"semver"},{"version":"4.4.177","lessThanOrEqual":"4.4.*","status":"unaffected","versionType":"semver"},{"version":"4.9.163","lessThanOrEqual":"4.9.*","status":"unaffected","versionType":"semver"},{"version":"4.14.106","lessThanOrEqual":"4.14.*","status":"unaffected","versionType":"semver"},{"version":"4.19.28","lessThanOrEqual":"4.19.*","status":"unaffected","versionType":"semver"},{"version":"4.20.15","lessThanOrEqual":"4.20.*","status":"unaffected","versionType":"semver"},{"version":"5.0","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.19","versionEndExcluding":"3.16.66"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.19","versionEndExcluding":"3.18.137"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.19","versionEndExcluding":"4.4.177"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.19","versionEndExcluding":"4.9.163"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.19","versionEndExcluding":"4.14.106"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.19","versionEndExcluding":"4.19.28"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.19","versionEndExcluding":"4.20.15"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.19","versionEndExcluding":"5.0"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/97bc3683c24999ee621d847c9348c75d2fe86272"},{"url":"https://git.kernel.org/stable/c/c61d01faa5550e06794dcf86125ccd325bfad950"},{"url":"https://git.kernel.org/stable/c/dc18101f95fa6e815f426316b8b9a5cee28a334e"},{"url":"https://git.kernel.org/stable/c/1c973f9c7cc2b3caae93192fdc8ecb3f0b4ac000"},{"url":"https://git.kernel.org/stable/c/fcfe700acdc1c72eab231300e82b962bac2b2b2c"},{"url":"https://git.kernel.org/stable/c/e3713abc4248aa6bcc11173d754c418b02a62cbb"},{"url":"https://git.kernel.org/stable/c/fbf9578919d6c91100ec63acf2cba641383f6c78"},{"url":"https://git.kernel.org/stable/c/5578de4834fe0f2a34fedc7374be691443396d1f"}],"title":"netlabel: fix out-of-bounds memory accesses","x_generator":{"engine":"bippy-1.2.0"}},"adp":[{"title":"CISA ADP Vulnrichment","metrics":[{"other":{"type":"ssvc","content":{"id":"CVE-2019-25160","role":"CISA Coordinator","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"version":"2.0.3","timestamp":"2024-02-27T16:02:54.112450Z"}}}],"providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-06-04T17:12:00.236Z"}},{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-05T03:00:19.401Z"},"title":"CVE Program Container","references":[{"url":"https://git.kernel.org/stable/c/97bc3683c24999ee621d847c9348c75d2fe86272","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/c61d01faa5550e06794dcf86125ccd325bfad950","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/dc18101f95fa6e815f426316b8b9a5cee28a334e","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/1c973f9c7cc2b3caae93192fdc8ecb3f0b4ac000","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/fcfe700acdc1c72eab231300e82b962bac2b2b2c","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/e3713abc4248aa6bcc11173d754c418b02a62cbb","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/fbf9578919d6c91100ec63acf2cba641383f6c78","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/5578de4834fe0f2a34fedc7374be691443396d1f","tags":["x_transferred"]}]}]}}