Vulnerability-Lookup

WID-SEC-W-2023-0507

Vulnerability from csaf_certbund - Published: 2019-06-17 22:00 - Updated: 2023-04-10 22:00

Summary

Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service

Severity

Mittel

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung: Der Kernel stellt den Kern des Linux Betriebssystems dar.

Angriff: Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um einen Denial of Service Angriff durchzuführen.

Betroffene Betriebssysteme: - Linux

CVE-2019-11477

Im Linux Kernel existieren mehrere Schwachstellen. Diese bestehen aufgrund einer unsachgemäßen Verarbeitung von TCP-Segmenten im Linux Kernel Netzwerk-Subsystem. Ein entfernter anonymer Angreifer kann diese Schwachstellen ausnutzen, um durch das Senden speziell gestalteter Pakete einen Denial of Service Zustand herbeizuführen.

Affected products

Known affected 22 products

Product	Identifier	Version
IBM SAN Volume Controller IBM	`cpe:/a:ibm:san_volume_controller:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Open Source Linux Kernel Open Source	`cpe:/o:linux:linux_kernel:-`	—
Broadcom Brocade Switch Broadcom	`cpe:/h:brocade:switch:-`	—
Open Source Arch Linux Open Source	`cpe:/o:archlinux:archlinux:-`	—
HPE Switch HPE	`cpe:/h:hp:switch:-`	—
Hitachi Network Attached Storage Hitachi	`cpe:/h:hitachi:virtual_storage_platform:-`	—
Aruba Switch Aruba	`cpe:/h:arubanetworks:switch:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
Aruba ArubaOS Aruba	`cpe:/o:arubanetworks:arubaos:-`	—
IBM Storwize IBM	`cpe:/a:ibm:storwize:-`	—
HPE Fabric OS HPE	`cpe:/o:hpe:fabric_os:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Juniper JUNOS Juniper	`cpe:/o:juniper:junos:-`	—
IBM FlashSystem IBM	`cpe:/a:ibm:flashsystem:-`	—
Open Source CentOS Open Source	`cpe:/o:centos:centos:-`	—
Citrix Systems NetScaler Citrix Systems	`cpe:/a:citrix:netscaler:-`	—
Aruba ClearPass Policy Manager Aruba	`cpe:/a:arubanetworks:clearpass_policy_manager:6.3.0.60730`	—
Fortinet FortiGate Fortinet	`cpe:/h:fortinet:fortigate:-`	—
Siemens SIMATIC S7 Siemens	`cpe:/h:siemens:simatic_s7:-`	—

CVE-2019-11478

Affected products

Known affected 22 products

Product	Identifier	Version
IBM SAN Volume Controller IBM	`cpe:/a:ibm:san_volume_controller:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Open Source Linux Kernel Open Source	`cpe:/o:linux:linux_kernel:-`	—
Broadcom Brocade Switch Broadcom	`cpe:/h:brocade:switch:-`	—
Open Source Arch Linux Open Source	`cpe:/o:archlinux:archlinux:-`	—
HPE Switch HPE	`cpe:/h:hp:switch:-`	—
Hitachi Network Attached Storage Hitachi	`cpe:/h:hitachi:virtual_storage_platform:-`	—
Aruba Switch Aruba	`cpe:/h:arubanetworks:switch:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
Aruba ArubaOS Aruba	`cpe:/o:arubanetworks:arubaos:-`	—
IBM Storwize IBM	`cpe:/a:ibm:storwize:-`	—
HPE Fabric OS HPE	`cpe:/o:hpe:fabric_os:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Juniper JUNOS Juniper	`cpe:/o:juniper:junos:-`	—
IBM FlashSystem IBM	`cpe:/a:ibm:flashsystem:-`	—
Open Source CentOS Open Source	`cpe:/o:centos:centos:-`	—
Citrix Systems NetScaler Citrix Systems	`cpe:/a:citrix:netscaler:-`	—
Aruba ClearPass Policy Manager Aruba	`cpe:/a:arubanetworks:clearpass_policy_manager:6.3.0.60730`	—
Fortinet FortiGate Fortinet	`cpe:/h:fortinet:fortigate:-`	—
Siemens SIMATIC S7 Siemens	`cpe:/h:siemens:simatic_s7:-`	—

CVE-2019-11479

Affected products

Known affected 22 products

Product	Identifier	Version
IBM SAN Volume Controller IBM	`cpe:/a:ibm:san_volume_controller:-`	—
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Open Source Linux Kernel Open Source	`cpe:/o:linux:linux_kernel:-`	—
Broadcom Brocade Switch Broadcom	`cpe:/h:brocade:switch:-`	—
Open Source Arch Linux Open Source	`cpe:/o:archlinux:archlinux:-`	—
HPE Switch HPE	`cpe:/h:hp:switch:-`	—
Hitachi Network Attached Storage Hitachi	`cpe:/h:hitachi:virtual_storage_platform:-`	—
Aruba Switch Aruba	`cpe:/h:arubanetworks:switch:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
Aruba ArubaOS Aruba	`cpe:/o:arubanetworks:arubaos:-`	—
IBM Storwize IBM	`cpe:/a:ibm:storwize:-`	—
HPE Fabric OS HPE	`cpe:/o:hpe:fabric_os:-`	—
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Juniper JUNOS Juniper	`cpe:/o:juniper:junos:-`	—
IBM FlashSystem IBM	`cpe:/a:ibm:flashsystem:-`	—
Open Source CentOS Open Source	`cpe:/o:centos:centos:-`	—
Citrix Systems NetScaler Citrix Systems	`cpe:/a:citrix:netscaler:-`	—
Aruba ClearPass Policy Manager Aruba	`cpe:/a:arubanetworks:clearpass_policy_manager:6.3.0.60730`	—
Fortinet FortiGate Fortinet	`cpe:/h:fortinet:fortigate:-`	—
Siemens SIMATIC S7 Siemens	`cpe:/h:siemens:simatic_s7:-`	—

References

90 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://cert-portal.siemens.com/productcert/html/…	external
https://www.cybersecurity-help.cz/vdb/SB2023022829	external
https://access.redhat.com/errata/RHSA-2019:1479	external
https://access.redhat.com/errata/RHSA-2019:1480	external
https://access.redhat.com/errata/RHSA-2019:1481	external
https://access.redhat.com/errata/RHSA-2019:1482	external
https://access.redhat.com/errata/RHSA-2019:1483	external
https://access.redhat.com/errata/RHSA-2019:1484	external
https://access.redhat.com/errata/RHSA-2019:1485	external
https://access.redhat.com/errata/RHSA-2019:1486	external
https://access.redhat.com/errata/RHSA-2019:1487	external
https://access.redhat.com/errata/RHSA-2019:1488	external
https://access.redhat.com/errata/RHSA-2019:1489	external
https://access.redhat.com/errata/RHSA-2019:1490	external
https://security.archlinux.org/ASA-201906-12	external
http://linux.oracle.com/errata/ELSA-2019-4684.html	external
http://linux.oracle.com/errata/ELSA-2019-4685.html	external
http://linux.oracle.com/errata/ELSA-2019-4686.html	external
https://usn.ubuntu.com/4017-1/	external
https://usn.ubuntu.com/4017-2/	external
https://www.suse.com/support/update/announcement/…	external
https://www.suse.com/support/update/announcement/…	external
https://www.suse.com/support/update/announcement/…	external
https://www.suse.com/support/update/announcement/…	external
https://www.suse.com/support/update/announcement/…	external
https://www.suse.com/support/update/announcement/…	external
http://linux.oracle.com/errata/ELSA-2019-4689.html	external
http://linux.oracle.com/errata/ELSA-2019-1481.html	external
https://www.suse.com/support/update/announcement/…	external
https://www.suse.com/support/update/announcement/…	external
https://security.archlinux.org/ASA-201906-15	external
https://security.archlinux.org/ASA-201906-14	external
https://security.archlinux.org/ASA-201906-13	external
http://linux.oracle.com/errata/ELSA-2019-1488.html	external
https://www.suse.com/support/update/announcement/…	external
https://oss.oracle.com/pipermail/oraclevm-errata/…	external
https://www.suse.com/support/update/announcement/…	external
http://centos-announce.2309468.n4.nabble.com/Cent…	external
http://centos-announce.2309468.n4.nabble.com/Cent…	external
https://www.suse.com/support/update/announcement/…	external
https://www.suse.com/support/update/announcement/…	external
https://www.suse.com/support/update/announcement/…	external
https://www.suse.com/support/update/announcement/…	external
https://www.suse.com/support/update/announcement/…	external
https://www.suse.com/support/update/announcement/…	external
https://access.redhat.com/errata/RHSA-2019:1594	external
https://access.redhat.com/errata/RHSA-2019:1602	external
http://www.arista.com/en/support/advisories-notic…	external
http://www.vmware.com/security/advisories/VMSA-20…	external
https://support.citrix.com/article/CTX256725	external
https://access.redhat.com/errata/RHSA-2019:1699	external
https://www.suse.com/support/update/announcement/…	external
https://www.suse.com/support/update/announcement/…	external
https://www.suse.com/support/update/announcement/…	external
https://www.suse.com/support/update/announcement/…	external
https://www.suse.com/support/update/announcement/…	external
https://www.suse.com/support/update/announcement/…	external
https://www.debian.org/security/2019/dsa-4484	external
https://www.suse.com/support/update/announcement/…	external
https://www.suse.com/support/update/announcement/…	external
https://www.suse.com/support/update/announcement/…	external
http://linux.oracle.com/errata/ELSA-2019-1873.html	external
https://www.suse.com/support/update/announcement/…	external
http://www.hitachi.co.jp/products/it/storage-solu…	external
http://linux.oracle.com/errata/ELSA-2019-2029.html	external
http://linux.oracle.com/errata/ELSA-2019-1959.html	external
http://linux.oracle.com/errata/ELSA-2019-2411.html	external
https://access.redhat.com/errata/RHSA-2020:0204	external
https://support.symantec.com/us/en/article.SYMSA1…	external
https://support.citrix.com/article/CTX256918	external
https://www.suse.com/support/update/announcement/…	external
https://www.suse.com/support/update/announcement/…	external
https://www.suse.com/support/update/announcement/…	external
https://www.suse.com/support/update/announcement/…	external
https://www.suse.com/support/update/announcement/…	external
https://kb.pulsesecure.net/articles/Pulse_Securit…	external
https://www.suse.com/support/update/announcement/…	external
https://fortiguard.com/psirt/FG-IR-19-180	external
https://support.infoblox.com/app/answers/detail/a…	external
https://support.infoblox.com/app/answers/detail/a…	external
https://support.hpe.com/hpesc/public/docDisplay?d…	external
https://www.arubanetworks.com/assets/alert/ARUBA-…	external
https://support.hpe.com/hpesc/public/docDisplay?d…	external
http://kb.juniper.net/InfoCenter/index?page=conte…	external
https://www.broadcom.com/support/fibre-channel-ne…	external
https://kb.juniper.net/InfoCenter/index?page=cont…	external
https://kb.juniper.net/InfoCenter/index?page=cont…	external
https://support.hpe.com/hpesc/public/docDisplay?d…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Der Kernel stellt den Kern des Linux Betriebssystems dar.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2023-0507 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2019/wid-sec-w-2023-0507.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2023-0507 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0507"
      },
      {
        "category": "external",
        "summary": "Siemens Security Advisory SSA-462066 vom 2023-04-11",
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-462066.html"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 1164286 vom 2023-02-28",
        "url": "https://www.cybersecurity-help.cz/vdb/SB2023022829"
      },
      {
        "category": "external",
        "summary": "RedHat Security Advisories vom 2019-06-17",
        "url": "https://access.redhat.com/errata/RHSA-2019:1479"
      },
      {
        "category": "external",
        "summary": "RedHat Security Advisories vom 2019-06-17",
        "url": "https://access.redhat.com/errata/RHSA-2019:1480"
      },
      {
        "category": "external",
        "summary": "RedHat Security Advisories vom 2019-06-17",
        "url": "https://access.redhat.com/errata/RHSA-2019:1481"
      },
      {
        "category": "external",
        "summary": "RedHat Security Advisories vom 2019-06-17",
        "url": "https://access.redhat.com/errata/RHSA-2019:1482"
      },
      {
        "category": "external",
        "summary": "RedHat Security Advisories vom 2019-06-17",
        "url": "https://access.redhat.com/errata/RHSA-2019:1483"
      },
      {
        "category": "external",
        "summary": "RedHat Security Advisories vom 2019-06-17",
        "url": "https://access.redhat.com/errata/RHSA-2019:1484"
      },
      {
        "category": "external",
        "summary": "RedHat Security Advisories vom 2019-06-17",
        "url": "https://access.redhat.com/errata/RHSA-2019:1485"
      },
      {
        "category": "external",
        "summary": "RedHat Security Advisories vom 2019-06-17",
        "url": "https://access.redhat.com/errata/RHSA-2019:1486"
      },
      {
        "category": "external",
        "summary": "RedHat Security Advisories vom 2019-06-17",
        "url": "https://access.redhat.com/errata/RHSA-2019:1487"
      },
      {
        "category": "external",
        "summary": "RedHat Security Advisories vom 2019-06-17",
        "url": "https://access.redhat.com/errata/RHSA-2019:1488"
      },
      {
        "category": "external",
        "summary": "RedHat Security Advisories vom 2019-06-17",
        "url": "https://access.redhat.com/errata/RHSA-2019:1489"
      },
      {
        "category": "external",
        "summary": "RedHat Security Advisories vom 2019-06-17",
        "url": "https://access.redhat.com/errata/RHSA-2019:1490"
      },
      {
        "category": "external",
        "summary": "Arch Linux Security Advisory",
        "url": "https://security.archlinux.org/ASA-201906-12"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory",
        "url": "http://linux.oracle.com/errata/ELSA-2019-4684.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory",
        "url": "http://linux.oracle.com/errata/ELSA-2019-4685.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory",
        "url": "http://linux.oracle.com/errata/ELSA-2019-4686.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Advisory",
        "url": "https://usn.ubuntu.com/4017-1/"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Advisory",
        "url": "https://usn.ubuntu.com/4017-2/"
      },
      {
        "category": "external",
        "summary": "SuSE Security Advisory",
        "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20191527-1.html"
      },
      {
        "category": "external",
        "summary": "SuSE Security Advisory",
        "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20191529-1.html"
      },
      {
        "category": "external",
        "summary": "SuSE Security Advisory",
        "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20191530-1.html"
      },
      {
        "category": "external",
        "summary": "SuSE Security Advisory",
        "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20191532-1.html"
      },
      {
        "category": "external",
        "summary": "SuSE Security Advisory",
        "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20191533-1.html"
      },
      {
        "category": "external",
        "summary": "SuSE Security Advisory",
        "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20191536-1.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory",
        "url": "http://linux.oracle.com/errata/ELSA-2019-4689.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory",
        "url": "http://linux.oracle.com/errata/ELSA-2019-1481.html"
      },
      {
        "category": "external",
        "summary": "SuSE Security Advisory",
        "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20191534-1.html"
      },
      {
        "category": "external",
        "summary": "SuSE Security Advisory",
        "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20191535-1.html"
      },
      {
        "category": "external",
        "summary": "Arch Linux Security Advisory ASA-201906-15 vom 2019-06-18",
        "url": "https://security.archlinux.org/ASA-201906-15"
      },
      {
        "category": "external",
        "summary": "Arch Linux Security Advisory ASA-201906-14 vom 2019-06-18",
        "url": "https://security.archlinux.org/ASA-201906-14"
      },
      {
        "category": "external",
        "summary": "Arch Linux Security Advisory ASA-201906-13 vom 2019-06-18",
        "url": "https://security.archlinux.org/ASA-201906-13"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2019-1488 vom 2019-06-18",
        "url": "http://linux.oracle.com/errata/ELSA-2019-1488.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2019:14089-1 vom 2019-06-18",
        "url": "https://www.suse.com/support/update/announcement/2019/suse-su-201914089-1.html"
      },
      {
        "category": "external",
        "summary": "ORACLE OVMSA-2019-0026 vom 2019-06-18",
        "url": "https://oss.oracle.com/pipermail/oraclevm-errata/2019-June/000945.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2019:1550-1 vom 2019-06-19",
        "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20191550-1.html"
      },
      {
        "category": "external",
        "summary": "CentOS Security Advisory CESA-2019:1481 vom 2019-06-18",
        "url": "http://centos-announce.2309468.n4.nabble.com/CentOS-announce-CESA-2019-1481-Important-CentOS-7-kernel-Security-Update-tp4645573.html"
      },
      {
        "category": "external",
        "summary": "CentOS Security Advisory CESA-2019:1488 vom 2019-06-18",
        "url": "http://centos-announce.2309468.n4.nabble.com/CentOS-announce-CESA-2019-1488-Important-CentOS-6-kernel-Security-Update-tp4645572.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2019:1588-1 vom 2019-06-21",
        "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20191588-1.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2019:1581-1 vom 2019-06-21",
        "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20191581-1.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2019:1668-1 vom 2019-06-22",
        "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20191668-1.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2019:1674-1 vom 2019-06-22",
        "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20191674-1.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2019:1671-1 vom 2019-06-22",
        "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20191671-1.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2019:1692-1 vom 2019-06-25",
        "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20191692-1.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2019:1594 vom 2019-06-25",
        "url": "https://access.redhat.com/errata/RHSA-2019:1594"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2019:1602 vom 2019-06-26",
        "url": "https://access.redhat.com/errata/RHSA-2019:1602"
      },
      {
        "category": "external",
        "summary": "BLUECOAT Security Advisory SA41 vom 2019-06-27",
        "url": "http://www.arista.com/en/support/advisories-notices/security-advisories/8066-security-advisory-41"
      },
      {
        "category": "external",
        "summary": "VMware Security Advisory VMSA-2019-0010 vom 2019-07-02",
        "url": "http://www.vmware.com/security/advisories/VMSA-2019-0010.html"
      },
      {
        "category": "external",
        "summary": "Citrix Security Advisory CTX256725 vom 2019-07-09",
        "url": "https://support.citrix.com/article/CTX256725"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2019:1699 vom 2019-07-08",
        "url": "https://access.redhat.com/errata/RHSA-2019:1699"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2019:1855-1 vom 2019-07-16",
        "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20191855-1.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2019:1851-1 vom 2019-07-16",
        "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20191851-1.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2019:1870-1 vom 2019-07-17",
        "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20191870-1.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2019:1888-1 vom 2019-07-18",
        "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20191888-1.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2019:1889-1 vom 2019-07-18",
        "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20191889-1.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2019:1882-1 vom 2019-07-18",
        "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20191882-1.html"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DSA-4484 vom 2019-07-21",
        "url": "https://www.debian.org/security/2019/dsa-4484"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2019:1935-1 vom 2019-07-23",
        "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20191935-1.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2019:1948-1 vom 2019-07-23",
        "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20191948-1.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2019:1924-1 vom 2019-07-23",
        "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20191924-1.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2019-1873 vom 2019-07-30",
        "url": "http://linux.oracle.com/errata/ELSA-2019-1873.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2019:2069-1 vom 2019-08-07",
        "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192069-1.html"
      },
      {
        "category": "external",
        "summary": "Hitachi Vulnerability Information HITACHI-SEC-2020-303 vom 2020-02-07",
        "url": "http://www.hitachi.co.jp/products/it/storage-solutions/global/sec_info/2020/2020_303.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2019-2029 vom 2019-08-14",
        "url": "http://linux.oracle.com/errata/ELSA-2019-2029.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2019-1959 vom 2019-08-19",
        "url": "http://linux.oracle.com/errata/ELSA-2019-1959.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2019-2411 vom 2019-08-19",
        "url": "http://linux.oracle.com/errata/ELSA-2019-2411.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2020:0204 vom 2020-01-22",
        "url": "https://access.redhat.com/errata/RHSA-2020:0204"
      },
      {
        "category": "external",
        "summary": "Symantec Security Advisory SYMSA1492 vom 2019-09-06",
        "url": "https://support.symantec.com/us/en/article.SYMSA1492.html"
      },
      {
        "category": "external",
        "summary": "Citrix Security Advisory CTX256918 vom 2019-09-12",
        "url": "https://support.citrix.com/article/CTX256918"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2019:2430-1 vom 2019-09-23",
        "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192430-1.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2019:2450-1 vom 2019-09-24",
        "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192450-1.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2019:2658-1 vom 2019-10-15",
        "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192658-1.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2019:2756-1 vom 2019-10-24",
        "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192756-1.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2019:2821-1 vom 2019-10-30",
        "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192821-1.html"
      },
      {
        "category": "external",
        "summary": "Pulse Secure Security Advisory SA44193 vom 2019-11-06",
        "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44193/?kA23Z000000L6LMSA0="
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2019:2950-1 vom 2019-11-13",
        "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192950-1.html"
      },
      {
        "category": "external",
        "summary": "FortiGuard Labs PSIRT Advisory FG-IR-19-180 vom 2019-11-29",
        "url": "https://fortiguard.com/psirt/FG-IR-19-180"
      },
      {
        "category": "external",
        "summary": "NIOS 8.3.7 Released 18 FEB 2020",
        "url": "https://support.infoblox.com/app/answers/detail/a_id/11591"
      },
      {
        "category": "external",
        "summary": "Infoblox Advisory 0622 vom 2020-06-04",
        "url": "https://support.infoblox.com/app/answers/detail/a_id/10622"
      },
      {
        "category": "external",
        "summary": "HPE Security Bulletin hpesbst04140en_us vom 2021-06-02",
        "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=emr_na-hpesbst04140en_us"
      },
      {
        "category": "external",
        "summary": "Aruba Product Security Advisory ARUBA-PSA-2020-010 vom 2020-09-16",
        "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-010.txt"
      },
      {
        "category": "external",
        "summary": "HPE Security Bulletin HPESBNW04041 rev.1 vom 2020-09-23",
        "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=emr_na-hpesbnw04041en_us"
      },
      {
        "category": "external",
        "summary": "Juniper Security Advisory JSA11053 vom 2020-10-14",
        "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11053"
      },
      {
        "category": "external",
        "summary": "Brocade Security Advisory BSA-2019-827 vom 2021-05-20",
        "url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-827"
      },
      {
        "category": "external",
        "summary": "Juniper Security Advisory JSA11104 vom 2021-01-13",
        "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11104\u0026cat=SIRT_1"
      },
      {
        "category": "external",
        "summary": "Juniper Security Advisory JSA11205 vom 2021-07-14",
        "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11205\u0026cat=SIRT_1"
      },
      {
        "category": "external",
        "summary": "HPE Security Bulletin",
        "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=emr_na-hpesbst04141en_us"
      }
    ],
    "source_lang": "en-US",
    "title": "Linux Kernel: Mehrere Schwachstellen erm\u00f6glichen Denial of Service",
    "tracking": {
      "current_release_date": "2023-04-10T22:00:00.000+00:00",
      "generator": {
        "date": "2024-08-15T17:45:38.641+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.5"
        }
      },
      "id": "WID-SEC-W-2023-0507",
      "initial_release_date": "2019-06-17T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2019-06-17T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2019-06-17T22:00:00.000+00:00",
          "number": "2",
          "summary": "Referenz(en) aufgenommen: DLA-1823"
        },
        {
          "date": "2019-06-17T22:00:00.000+00:00",
          "number": "3",
          "summary": "Korrektur Status"
        },
        {
          "date": "2019-06-18T22:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von Arch Linux, Oracle Linux, SUSE, ORACLE und CentOS aufgenommen"
        },
        {
          "date": "2019-06-20T22:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2019-06-23T22:00:00.000+00:00",
          "number": "6",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2019-06-24T22:00:00.000+00:00",
          "number": "7",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2019-06-25T22:00:00.000+00:00",
          "number": "8",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2019-06-26T22:00:00.000+00:00",
          "number": "9",
          "summary": "Neue Updates von BLUECOAT aufgenommen"
        },
        {
          "date": "2019-06-27T22:00:00.000+00:00",
          "number": "10",
          "summary": "Referenz(en) aufgenommen:"
        },
        {
          "date": "2019-06-30T22:00:00.000+00:00",
          "number": "11",
          "summary": "Referenz(en) aufgenommen: USN-4041-1, USN-4041-2"
        },
        {
          "date": "2019-07-02T22:00:00.000+00:00",
          "number": "12",
          "summary": "Neue Updates von VMware aufgenommen"
        },
        {
          "date": "2019-07-08T22:00:00.000+00:00",
          "number": "13",
          "summary": "Neue Updates von Citrix und Red Hat aufgenommen"
        },
        {
          "date": "2019-07-15T22:00:00.000+00:00",
          "number": "14",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2019-07-17T22:00:00.000+00:00",
          "number": "15",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2019-07-18T22:00:00.000+00:00",
          "number": "16",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2019-07-21T22:00:00.000+00:00",
          "number": "17",
          "summary": "Neue Updates von Debian aufgenommen"
        },
        {
          "date": "2019-07-23T22:00:00.000+00:00",
          "number": "18",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2019-07-30T22:00:00.000+00:00",
          "number": "19",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2019-08-07T22:00:00.000+00:00",
          "number": "20",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2019-08-13T22:00:00.000+00:00",
          "number": "21",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2019-08-19T22:00:00.000+00:00",
          "number": "22",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2019-09-05T22:00:00.000+00:00",
          "number": "23",
          "summary": "Neue Updates von Symantec aufgenommen"
        },
        {
          "date": "2019-09-11T22:00:00.000+00:00",
          "number": "24",
          "summary": "Neue Updates von Citrix aufgenommen"
        },
        {
          "date": "2019-09-23T22:00:00.000+00:00",
          "number": "25",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2019-09-24T22:00:00.000+00:00",
          "number": "26",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2019-10-14T22:00:00.000+00:00",
          "number": "27",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2019-10-23T22:00:00.000+00:00",
          "number": "28",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2019-10-30T23:00:00.000+00:00",
          "number": "29",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2019-11-05T23:00:00.000+00:00",
          "number": "30",
          "summary": "Neue Updates von Pulse Secure aufgenommen"
        },
        {
          "date": "2019-11-12T23:00:00.000+00:00",
          "number": "31",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2019-11-28T23:00:00.000+00:00",
          "number": "32",
          "summary": "Neue Updates von Fortinet aufgenommen"
        },
        {
          "date": "2020-01-22T23:00:00.000+00:00",
          "number": "33",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2020-02-06T23:00:00.000+00:00",
          "number": "34",
          "summary": "Neue Updates von HITACHI aufgenommen"
        },
        {
          "date": "2020-02-17T23:00:00.000+00:00",
          "number": "35",
          "summary": "Neue Updates aufgenommen"
        },
        {
          "date": "2020-06-03T22:00:00.000+00:00",
          "number": "36",
          "summary": "Neue Updates von Infoblox aufgenommen"
        },
        {
          "date": "2020-09-15T22:00:00.000+00:00",
          "number": "37",
          "summary": "Neue Updates von Aruba aufgenommen"
        },
        {
          "date": "2020-09-24T22:00:00.000+00:00",
          "number": "38",
          "summary": "Neue Updates von HPE aufgenommen"
        },
        {
          "date": "2020-10-14T22:00:00.000+00:00",
          "number": "39",
          "summary": "Neue Updates von Juniper aufgenommen"
        },
        {
          "date": "2021-01-13T23:00:00.000+00:00",
          "number": "40",
          "summary": "Neue Updates von Juniper aufgenommen"
        },
        {
          "date": "2021-05-20T22:00:00.000+00:00",
          "number": "41",
          "summary": "Neue Updates von BROCADE aufgenommen"
        },
        {
          "date": "2021-06-03T22:00:00.000+00:00",
          "number": "42",
          "summary": "Neue Updates von HP aufgenommen"
        },
        {
          "date": "2021-07-14T22:00:00.000+00:00",
          "number": "43",
          "summary": "Neue Updates von Juniper aufgenommen"
        },
        {
          "date": "2021-07-25T22:00:00.000+00:00",
          "number": "44",
          "summary": "Neue Updates von HP aufgenommen"
        },
        {
          "date": "2023-02-28T23:00:00.000+00:00",
          "number": "45",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2023-04-10T22:00:00.000+00:00",
          "number": "46",
          "summary": "Neue Updates von Siemens aufgenommen"
        }
      ],
      "status": "final",
      "version": "46"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Aruba ArubaOS",
            "product": {
              "name": "Aruba ArubaOS",
              "product_id": "T016785",
              "product_identification_helper": {
                "cpe": "cpe:/o:arubanetworks:arubaos:-"
              }
            }
          },
          {
            "category": "product_name",
            "name": "Aruba ClearPass Policy Manager",
            "product": {
              "name": "Aruba ClearPass Policy Manager",
              "product_id": "274506",
              "product_identification_helper": {
                "cpe": "cpe:/a:arubanetworks:clearpass_policy_manager:6.3.0.60730"
              }
            }
          },
          {
            "category": "product_name",
            "name": "Aruba Switch",
            "product": {
              "name": "Aruba Switch",
              "product_id": "T016786",
              "product_identification_helper": {
                "cpe": "cpe:/h:arubanetworks:switch:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Aruba"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Broadcom Brocade Switch",
            "product": {
              "name": "Broadcom Brocade Switch",
              "product_id": "T015844",
              "product_identification_helper": {
                "cpe": "cpe:/h:brocade:switch:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Broadcom"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Citrix Systems NetScaler",
            "product": {
              "name": "Citrix Systems NetScaler",
              "product_id": "70427",
              "product_identification_helper": {
                "cpe": "cpe:/a:citrix:netscaler:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Citrix Systems"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Debian Linux",
            "product": {
              "name": "Debian Linux",
              "product_id": "2951",
              "product_identification_helper": {
                "cpe": "cpe:/o:debian:debian_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Debian"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Fortinet FortiGate",
            "product": {
              "name": "Fortinet FortiGate",
              "product_id": "T004020",
              "product_identification_helper": {
                "cpe": "cpe:/h:fortinet:fortigate:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Fortinet"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "HPE Fabric OS",
            "product": {
              "name": "HPE Fabric OS",
              "product_id": "T019403",
              "product_identification_helper": {
                "cpe": "cpe:/o:hpe:fabric_os:-"
              }
            }
          },
          {
            "category": "product_name",
            "name": "HPE Switch",
            "product": {
              "name": "HPE Switch",
              "product_id": "T005119",
              "product_identification_helper": {
                "cpe": "cpe:/h:hp:switch:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "HPE"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Hitachi Network Attached Storage",
            "product": {
              "name": "Hitachi Network Attached Storage",
              "product_id": "T011055",
              "product_identification_helper": {
                "cpe": "cpe:/h:hitachi:virtual_storage_platform:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Hitachi"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "IBM FlashSystem",
            "product": {
              "name": "IBM FlashSystem",
              "product_id": "T025159",
              "product_identification_helper": {
                "cpe": "cpe:/a:ibm:flashsystem:-"
              }
            }
          },
          {
            "category": "product_name",
            "name": "IBM SAN Volume Controller",
            "product": {
              "name": "IBM SAN Volume Controller",
              "product_id": "T002782",
              "product_identification_helper": {
                "cpe": "cpe:/a:ibm:san_volume_controller:-"
              }
            }
          },
          {
            "category": "product_name",
            "name": "IBM Storwize",
            "product": {
              "name": "IBM Storwize",
              "product_id": "T021621",
              "product_identification_helper": {
                "cpe": "cpe:/a:ibm:storwize:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "IBM"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Infoblox NIOS \u003c 8.3.7",
            "product": {
              "name": "Infoblox NIOS \u003c 8.3.7",
              "product_id": "T015901",
              "product_identification_helper": {
                "cpe": "cpe:/o:infoblox:nios:8.3.7"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Infoblox"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Juniper JUNOS",
            "product": {
              "name": "Juniper JUNOS",
              "product_id": "5930",
              "product_identification_helper": {
                "cpe": "cpe:/o:juniper:junos:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Juniper"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Open Source Arch Linux",
            "product": {
              "name": "Open Source Arch Linux",
              "product_id": "T013312",
              "product_identification_helper": {
                "cpe": "cpe:/o:archlinux:archlinux:-"
              }
            }
          },
          {
            "category": "product_name",
            "name": "Open Source CentOS",
            "product": {
              "name": "Open Source CentOS",
              "product_id": "1727",
              "product_identification_helper": {
                "cpe": "cpe:/o:centos:centos:-"
              }
            }
          },
          {
            "category": "product_name",
            "name": "Open Source Linux Kernel",
            "product": {
              "name": "Open Source Linux Kernel",
              "product_id": "6368",
              "product_identification_helper": {
                "cpe": "cpe:/o:linux:linux_kernel:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Open Source"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Oracle Linux",
            "product": {
              "name": "Oracle Linux",
              "product_id": "T004914",
              "product_identification_helper": {
                "cpe": "cpe:/o:oracle:linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Pulse Secure Pulse Connect Secure \u003c 9.0R5",
                "product": {
                  "name": "Pulse Secure Pulse Connect Secure \u003c 9.0R5",
                  "product_id": "T015309",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:pulsesecure:pulse_connect_secure:9.0r5"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Pulse Secure Pulse Connect Secure \u003c 9.1R3",
                "product": {
                  "name": "Pulse Secure Pulse Connect Secure \u003c 9.1R3",
                  "product_id": "T015310",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:pulsesecure:pulse_connect_secure:9.1r3"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Pulse Connect Secure"
          }
        ],
        "category": "vendor",
        "name": "Pulse Secure"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Red Hat Enterprise Linux",
            "product": {
              "name": "Red Hat Enterprise Linux",
              "product_id": "67646",
              "product_identification_helper": {
                "cpe": "cpe:/o:redhat:enterprise_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "SUSE Linux",
            "product": {
              "name": "SUSE Linux",
              "product_id": "T002207",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:suse_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Siemens SIMATIC S7",
            "product": {
              "name": "Siemens SIMATIC S7",
              "product_id": "T020086",
              "product_identification_helper": {
                "cpe": "cpe:/h:siemens:simatic_s7:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Siemens"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Ubuntu Linux",
            "product": {
              "name": "Ubuntu Linux",
              "product_id": "T000126",
              "product_identification_helper": {
                "cpe": "cpe:/o:canonical:ubuntu_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Ubuntu"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2019-11477",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese bestehen aufgrund einer unsachgem\u00e4\u00dfen Verarbeitung von TCP-Segmenten im Linux Kernel Netzwerk-Subsystem. Ein entfernter anonymer Angreifer kann diese Schwachstellen ausnutzen, um durch das Senden speziell gestalteter Pakete einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002782",
          "67646",
          "6368",
          "T015844",
          "T013312",
          "T005119",
          "T011055",
          "T016786",
          "T004914",
          "T016785",
          "T021621",
          "T019403",
          "2951",
          "T002207",
          "T000126",
          "5930",
          "T025159",
          "1727",
          "70427",
          "274506",
          "T004020",
          "T020086"
        ]
      },
      "release_date": "2019-06-17T22:00:00.000+00:00",
      "title": "CVE-2019-11477"
    },
    {
      "cve": "CVE-2019-11478",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese bestehen aufgrund einer unsachgem\u00e4\u00dfen Verarbeitung von TCP-Segmenten im Linux Kernel Netzwerk-Subsystem. Ein entfernter anonymer Angreifer kann diese Schwachstellen ausnutzen, um durch das Senden speziell gestalteter Pakete einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002782",
          "67646",
          "6368",
          "T015844",
          "T013312",
          "T005119",
          "T011055",
          "T016786",
          "T004914",
          "T016785",
          "T021621",
          "T019403",
          "2951",
          "T002207",
          "T000126",
          "5930",
          "T025159",
          "1727",
          "70427",
          "274506",
          "T004020",
          "T020086"
        ]
      },
      "release_date": "2019-06-17T22:00:00.000+00:00",
      "title": "CVE-2019-11478"
    },
    {
      "cve": "CVE-2019-11479",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux Kernel existieren mehrere Schwachstellen. Diese bestehen aufgrund einer unsachgem\u00e4\u00dfen Verarbeitung von TCP-Segmenten im Linux Kernel Netzwerk-Subsystem. Ein entfernter anonymer Angreifer kann diese Schwachstellen ausnutzen, um durch das Senden speziell gestalteter Pakete einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002782",
          "67646",
          "6368",
          "T015844",
          "T013312",
          "T005119",
          "T011055",
          "T016786",
          "T004914",
          "T016785",
          "T021621",
          "T019403",
          "2951",
          "T002207",
          "T000126",
          "5930",
          "T025159",
          "1727",
          "70427",
          "274506",
          "T004020",
          "T020086"
        ]
      },
      "release_date": "2019-06-17T22:00:00.000+00:00",
      "title": "CVE-2019-11479"
    }
  ]
}

CVE-2019-11477 (GCVE-0-2019-11477)

Vulnerability from cvelistv5 – Published: 2019-06-18 23:34 – Updated: 2024-09-17 02:21

Title

Integer overflow in TCP_SKB_CB(skb)->tcp_gso_segs

Summary

Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit 3b4929f65b0d8249f19a50245cd88ed1a2f78cff.

Severity

7.5 (High)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-190 - Integer Overflow or Wraparound

Assigner

canonical

References

29 references

URL	Tags
https://www.kb.cert.org/vuls/id/905115	third-party-advisoryx_refsource_CERT-VN
http://www.openwall.com/lists/oss-security/2019/06/20/3	mailing-listx_refsource_MLIST
https://access.redhat.com/errata/RHSA-2019:1594	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2019:1602	vendor-advisoryx_refsource_REDHAT
http://www.openwall.com/lists/oss-security/2019/06/28/2	mailing-listx_refsource_MLIST
http://www.openwall.com/lists/oss-security/2019/07/06/3	mailing-listx_refsource_MLIST
http://www.openwall.com/lists/oss-security/2019/07/06/4	mailing-listx_refsource_MLIST
https://access.redhat.com/errata/RHSA-2019:1699	vendor-advisoryx_refsource_REDHAT
http://www.openwall.com/lists/oss-security/2019/10/24/1	mailing-listx_refsource_MLIST
http://www.openwall.com/lists/oss-security/2019/10/29/3	mailing-listx_refsource_MLIST
https://www.oracle.com/security-alerts/cpujan2020.html	x_refsource_MISC
https://www.oracle.com/security-alerts/cpuoct2020.html	x_refsource_MISC
https://git.kernel.org/pub/scm/linux/kernel/git/d…	x_refsource_MISC
https://github.com/Netflix/security-bulletins/blo…	x_refsource_MISC
https://wiki.ubuntu.com/SecurityTeam/KnowledgeBas…	x_refsource_MISC
https://access.redhat.com/security/vulnerabilitie…	x_refsource_MISC
https://support.f5.com/csp/article/K78234183	x_refsource_CONFIRM
http://packetstormsecurity.com/files/153346/Kerne…	x_refsource_MISC
https://kb.pulsesecure.net/articles/Pulse_Securit…	x_refsource_CONFIRM
https://www.synology.com/security/advisory/Synolo…	x_refsource_CONFIRM
https://security.netapp.com/advisory/ntap-2019062…	x_refsource_CONFIRM
https://psirt.global.sonicwall.com/vuln-detail/SN…	x_refsource_CONFIRM
https://kc.mcafee.com/corporate/index?page=conten…	x_refsource_CONFIRM
http://www.vmware.com/security/advisories/VMSA-20…	x_refsource_CONFIRM
https://cert-portal.siemens.com/productcert/pdf/s…	x_refsource_CONFIRM
https://www.us-cert.gov/ics/advisories/icsa-19-253-03	x_refsource_MISC
http://packetstormsecurity.com/files/154951/Kerne…	x_refsource_MISC
http://www.huawei.com/en/psirt/security-advisorie…	x_refsource_CONFIRM
http://www.arubanetworks.com/assets/alert/ARUBA-P…	x_refsource_CONFIRM

Impacted products

1 product

Vendor	Product	Version
Linux	Linux kernel	Affected: 4.4 , < 4.4.182 (custom) Affected: 4.9 , < 4.9.182 (custom) Affected: 4.14 , < 4.14.127 (custom) Affected: 4.19 , < 4.19.52 (custom) Affected: 5.1 , < 5.1.11 (custom)

Date Public

2019-06-17 00:00

Credits

Jonathan Looney from Netflix

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T22:55:40.213Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "VU#905115",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "https://www.kb.cert.org/vuls/id/905115"
          },
          {
            "name": "[oss-security] 20190620 Re: Linux and FreeBSD Kernel: Multiple TCP-based remote denial of service issues",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2019/06/20/3"
          },
          {
            "name": "RHSA-2019:1594",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:1594"
          },
          {
            "name": "RHSA-2019:1602",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:1602"
          },
          {
            "name": "[oss-security] 20190628 Re: linux-distros membership application - Microsoft",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2019/06/28/2"
          },
          {
            "name": "[oss-security] 20190706 Re: linux-distros membership application - Microsoft",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2019/07/06/3"
          },
          {
            "name": "[oss-security] 20190706 Re: linux-distros membership application - Microsoft",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2019/07/06/4"
          },
          {
            "name": "RHSA-2019:1699",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:1699"
          },
          {
            "name": "[oss-security] 20191023 Membership application for linux-distros - VMware",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2019/10/24/1"
          },
          {
            "name": "[oss-security] 20191029 Re: Membership application for linux-distros - VMware",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2019/10/29/3"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpujan2020.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=3b4929f65b0d8249f19a50245cd88ed1a2f78cff"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SACKPanic"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/vulnerabilities/tcpsack"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K78234183"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/153346/Kernel-Live-Patch-Security-Notice-LSN-0052-1.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44193"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.synology.com/security/advisory/Synology_SA_19_28"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20190625-0001/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0006"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10287"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/security/advisories/VMSA-2019-0010.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-462066.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.us-cert.gov/ics/advisories/icsa-19-253-03"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191225-01-kernel-en"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-010.txt"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Linux kernel",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "4.4.182",
              "status": "affected",
              "version": "4.4",
              "versionType": "custom"
            },
            {
              "lessThan": "4.9.182",
              "status": "affected",
              "version": "4.9",
              "versionType": "custom"
            },
            {
              "lessThan": "4.14.127",
              "status": "affected",
              "version": "4.14",
              "versionType": "custom"
            },
            {
              "lessThan": "4.19.52",
              "status": "affected",
              "version": "4.19",
              "versionType": "custom"
            },
            {
              "lessThan": "5.1.11",
              "status": "affected",
              "version": "5.1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Jonathan Looney from Netflix"
        }
      ],
      "datePublic": "2019-06-17T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Jonathan Looney discovered that the TCP_SKB_CB(skb)-\u003etcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit 3b4929f65b0d8249f19a50245cd88ed1a2f78cff."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-190",
              "description": "CWE-190 Integer Overflow or Wraparound",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-20T21:14:56.000Z",
        "orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
        "shortName": "canonical"
      },
      "references": [
        {
          "name": "VU#905115",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "https://www.kb.cert.org/vuls/id/905115"
        },
        {
          "name": "[oss-security] 20190620 Re: Linux and FreeBSD Kernel: Multiple TCP-based remote denial of service issues",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2019/06/20/3"
        },
        {
          "name": "RHSA-2019:1594",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:1594"
        },
        {
          "name": "RHSA-2019:1602",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:1602"
        },
        {
          "name": "[oss-security] 20190628 Re: linux-distros membership application - Microsoft",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2019/06/28/2"
        },
        {
          "name": "[oss-security] 20190706 Re: linux-distros membership application - Microsoft",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2019/07/06/3"
        },
        {
          "name": "[oss-security] 20190706 Re: linux-distros membership application - Microsoft",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2019/07/06/4"
        },
        {
          "name": "RHSA-2019:1699",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:1699"
        },
        {
          "name": "[oss-security] 20191023 Membership application for linux-distros - VMware",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2019/10/24/1"
        },
        {
          "name": "[oss-security] 20191029 Re: Membership application for linux-distros - VMware",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2019/10/29/3"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpujan2020.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=3b4929f65b0d8249f19a50245cd88ed1a2f78cff"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SACKPanic"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://access.redhat.com/security/vulnerabilities/tcpsack"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/csp/article/K78234183"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/153346/Kernel-Live-Patch-Security-Notice-LSN-0052-1.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44193"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.synology.com/security/advisory/Synology_SA_19_28"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.netapp.com/advisory/ntap-20190625-0001/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0006"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10287"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/security/advisories/VMSA-2019-0010.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-462066.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.us-cert.gov/ics/advisories/icsa-19-253-03"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191225-01-kernel-en"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-010.txt"
        }
      ],
      "source": {
        "advisory": "https://usn.ubuntu.com/4017-1",
        "defect": [
          "https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1831637"
        ],
        "discovery": "UNKNOWN"
      },
      "title": "Integer overflow in TCP_SKB_CB(skb)-\u003etcp_gso_segs",
      "x_generator": {
        "engine": "Vulnogram 0.0.7"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "AKA": "SACK Panic",
          "ASSIGNER": "security@ubuntu.com",
          "DATE_PUBLIC": "2019-06-17T00:00:00.000Z",
          "ID": "CVE-2019-11477",
          "STATE": "PUBLIC",
          "TITLE": "Integer overflow in TCP_SKB_CB(skb)-\u003etcp_gso_segs"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Linux kernel",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "4.4",
                            "version_value": "4.4.182"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "4.9",
                            "version_value": "4.9.182"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "4.14",
                            "version_value": "4.14.127"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "4.19",
                            "version_value": "4.19.52"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "5.1",
                            "version_value": "5.1.11"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Linux"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Jonathan Looney from Netflix"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Jonathan Looney discovered that the TCP_SKB_CB(skb)-\u003etcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit 3b4929f65b0d8249f19a50245cd88ed1a2f78cff."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.7"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-190 Integer Overflow or Wraparound"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "VU#905115",
              "refsource": "CERT-VN",
              "url": "https://www.kb.cert.org/vuls/id/905115"
            },
            {
              "name": "[oss-security] 20190620 Re: Linux and FreeBSD Kernel: Multiple TCP-based remote denial of service issues",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2019/06/20/3"
            },
            {
              "name": "RHSA-2019:1594",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:1594"
            },
            {
              "name": "RHSA-2019:1602",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:1602"
            },
            {
              "name": "[oss-security] 20190628 Re: linux-distros membership application - Microsoft",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2019/06/28/2"
            },
            {
              "name": "[oss-security] 20190706 Re: linux-distros membership application - Microsoft",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2019/07/06/3"
            },
            {
              "name": "[oss-security] 20190706 Re: linux-distros membership application - Microsoft",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2019/07/06/4"
            },
            {
              "name": "RHSA-2019:1699",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:1699"
            },
            {
              "name": "[oss-security] 20191023 Membership application for linux-distros - VMware",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2019/10/24/1"
            },
            {
              "name": "[oss-security] 20191029 Re: Membership application for linux-distros - VMware",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2019/10/29/3"
            },
            {
              "name": "https://www.oracle.com/security-alerts/cpujan2020.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com/security-alerts/cpujan2020.html"
            },
            {
              "name": "https://www.oracle.com/security-alerts/cpuoct2020.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
            },
            {
              "name": "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=3b4929f65b0d8249f19a50245cd88ed1a2f78cff",
              "refsource": "MISC",
              "url": "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=3b4929f65b0d8249f19a50245cd88ed1a2f78cff"
            },
            {
              "name": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md",
              "refsource": "MISC",
              "url": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md"
            },
            {
              "name": "https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SACKPanic",
              "refsource": "MISC",
              "url": "https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SACKPanic"
            },
            {
              "name": "https://access.redhat.com/security/vulnerabilities/tcpsack",
              "refsource": "MISC",
              "url": "https://access.redhat.com/security/vulnerabilities/tcpsack"
            },
            {
              "name": "https://support.f5.com/csp/article/K78234183",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/csp/article/K78234183"
            },
            {
              "name": "http://packetstormsecurity.com/files/153346/Kernel-Live-Patch-Security-Notice-LSN-0052-1.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/153346/Kernel-Live-Patch-Security-Notice-LSN-0052-1.html"
            },
            {
              "name": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44193",
              "refsource": "CONFIRM",
              "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44193"
            },
            {
              "name": "https://www.synology.com/security/advisory/Synology_SA_19_28",
              "refsource": "CONFIRM",
              "url": "https://www.synology.com/security/advisory/Synology_SA_19_28"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20190625-0001/",
              "refsource": "CONFIRM",
              "url": "https://security.netapp.com/advisory/ntap-20190625-0001/"
            },
            {
              "name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0006",
              "refsource": "CONFIRM",
              "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0006"
            },
            {
              "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10287",
              "refsource": "CONFIRM",
              "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10287"
            },
            {
              "name": "http://www.vmware.com/security/advisories/VMSA-2019-0010.html",
              "refsource": "CONFIRM",
              "url": "http://www.vmware.com/security/advisories/VMSA-2019-0010.html"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-462066.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-462066.pdf"
            },
            {
              "name": "https://www.us-cert.gov/ics/advisories/icsa-19-253-03",
              "refsource": "MISC",
              "url": "https://www.us-cert.gov/ics/advisories/icsa-19-253-03"
            },
            {
              "name": "http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html"
            },
            {
              "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191225-01-kernel-en",
              "refsource": "CONFIRM",
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191225-01-kernel-en"
            },
            {
              "name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-010.txt",
              "refsource": "CONFIRM",
              "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-010.txt"
            }
          ]
        },
        "source": {
          "advisory": "https://usn.ubuntu.com/4017-1",
          "defect": [
            "https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1831637"
          ],
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
    "assignerShortName": "canonical",
    "cveId": "CVE-2019-11477",
    "datePublished": "2019-06-18T23:34:51.026Z",
    "dateReserved": "2019-04-23T00:00:00.000Z",
    "dateUpdated": "2024-09-17T02:21:15.995Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-11478 (GCVE-0-2019-11478)

Vulnerability from cvelistv5 – Published: 2019-06-18 23:34 – Updated: 2024-09-16 23:45

Title

SACK can cause extensive memory use via fragmented resend queue

Summary

Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit f070ef2ac66716357066b683fb0baf55f8191a2e.

Severity

5.3 (Medium)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

CWE

CWE-770 - Allocation of Resources Without Limits or Throttling

Assigner

canonical

References

29 references

URL	Tags
https://www.kb.cert.org/vuls/id/905115	third-party-advisoryx_refsource_CERT-VN
https://access.redhat.com/errata/RHSA-2019:1594	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2019:1602	vendor-advisoryx_refsource_REDHAT
http://www.openwall.com/lists/oss-security/2019/06/28/2	mailing-listx_refsource_MLIST
http://www.openwall.com/lists/oss-security/2019/07/06/3	mailing-listx_refsource_MLIST
http://www.openwall.com/lists/oss-security/2019/07/06/4	mailing-listx_refsource_MLIST
https://access.redhat.com/errata/RHSA-2019:1699	vendor-advisoryx_refsource_REDHAT
https://seclists.org/bugtraq/2019/Jul/30	mailing-listx_refsource_BUGTRAQ
http://www.openwall.com/lists/oss-security/2019/10/24/1	mailing-listx_refsource_MLIST
http://www.openwall.com/lists/oss-security/2019/10/29/3	mailing-listx_refsource_MLIST
https://www.oracle.com/security-alerts/cpujan2020.html	x_refsource_MISC
https://www.oracle.com/security-alerts/cpuoct2020.html	x_refsource_MISC
https://github.com/Netflix/security-bulletins/blo…	x_refsource_MISC
https://wiki.ubuntu.com/SecurityTeam/KnowledgeBas…	x_refsource_MISC
https://access.redhat.com/security/vulnerabilitie…	x_refsource_MISC
http://packetstormsecurity.com/files/153346/Kerne…	x_refsource_MISC
https://kb.pulsesecure.net/articles/Pulse_Securit…	x_refsource_CONFIRM
https://www.synology.com/security/advisory/Synolo…	x_refsource_CONFIRM
https://security.netapp.com/advisory/ntap-2019062…	x_refsource_CONFIRM
https://kc.mcafee.com/corporate/index?page=conten…	x_refsource_CONFIRM
http://www.vmware.com/security/advisories/VMSA-20…	x_refsource_CONFIRM
https://cert-portal.siemens.com/productcert/pdf/s…	x_refsource_CONFIRM
https://www.us-cert.gov/ics/advisories/icsa-19-253-03	x_refsource_MISC
http://packetstormsecurity.com/files/154951/Kerne…	x_refsource_MISC
http://www.arubanetworks.com/assets/alert/ARUBA-P…	x_refsource_CONFIRM
https://git.kernel.org/pub/scm/linux/kernel/git/d…	x_refsource_MISC
https://support.f5.com/csp/article/K26618426	x_refsource_CONFIRM
https://psirt.global.sonicwall.com/vuln-detail/SN…	x_refsource_CONFIRM
http://packetstormsecurity.com/files/154408/Kerne…	x_refsource_MISC

Impacted products

1 product

Vendor	Product	Version
Linux	Linux kernel	Affected: 4.4 , < 4.4.182 (custom) Affected: 4.9 , < 4.9.182 (custom) Affected: 4.14 , < 4.14.127 (custom) Affected: 4.19 , < 4.19.52 (custom) Affected: 5.1 , < 5.1.11 (custom)

Date Public

2019-06-17 00:00

Credits

Jonathan Looney from Netflix

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T22:55:40.767Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "VU#905115",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "https://www.kb.cert.org/vuls/id/905115"
          },
          {
            "name": "RHSA-2019:1594",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:1594"
          },
          {
            "name": "RHSA-2019:1602",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:1602"
          },
          {
            "name": "[oss-security] 20190628 Re: linux-distros membership application - Microsoft",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2019/06/28/2"
          },
          {
            "name": "[oss-security] 20190706 Re: linux-distros membership application - Microsoft",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2019/07/06/3"
          },
          {
            "name": "[oss-security] 20190706 Re: linux-distros membership application - Microsoft",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2019/07/06/4"
          },
          {
            "name": "RHSA-2019:1699",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:1699"
          },
          {
            "name": "20190722 [SECURITY] [DSA 4484-1] linux security update",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "https://seclists.org/bugtraq/2019/Jul/30"
          },
          {
            "name": "[oss-security] 20191023 Membership application for linux-distros - VMware",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2019/10/24/1"
          },
          {
            "name": "[oss-security] 20191029 Re: Membership application for linux-distros - VMware",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2019/10/29/3"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpujan2020.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SACKPanic"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/vulnerabilities/tcpsack"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/153346/Kernel-Live-Patch-Security-Notice-LSN-0052-1.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44193"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.synology.com/security/advisory/Synology_SA_19_28"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20190625-0001/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10287"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/security/advisories/VMSA-2019-0010.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-462066.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.us-cert.gov/ics/advisories/icsa-19-253-03"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-010.txt"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=f070ef2ac66716357066b683fb0baf55f8191a2e"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K26618426"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0007"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/154408/Kernel-Live-Patch-Security-Notice-LSN-0055-1.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Linux kernel",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "4.4.182",
              "status": "affected",
              "version": "4.4",
              "versionType": "custom"
            },
            {
              "lessThan": "4.9.182",
              "status": "affected",
              "version": "4.9",
              "versionType": "custom"
            },
            {
              "lessThan": "4.14.127",
              "status": "affected",
              "version": "4.14",
              "versionType": "custom"
            },
            {
              "lessThan": "4.19.52",
              "status": "affected",
              "version": "4.19",
              "versionType": "custom"
            },
            {
              "lessThan": "5.1.11",
              "status": "affected",
              "version": "5.1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Jonathan Looney from Netflix"
        }
      ],
      "datePublic": "2019-06-17T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit f070ef2ac66716357066b683fb0baf55f8191a2e."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-770",
              "description": "CWE-770 Allocation of Resources Without Limits or Throttling",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-20T21:14:56.000Z",
        "orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
        "shortName": "canonical"
      },
      "references": [
        {
          "name": "VU#905115",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "https://www.kb.cert.org/vuls/id/905115"
        },
        {
          "name": "RHSA-2019:1594",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:1594"
        },
        {
          "name": "RHSA-2019:1602",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:1602"
        },
        {
          "name": "[oss-security] 20190628 Re: linux-distros membership application - Microsoft",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2019/06/28/2"
        },
        {
          "name": "[oss-security] 20190706 Re: linux-distros membership application - Microsoft",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2019/07/06/3"
        },
        {
          "name": "[oss-security] 20190706 Re: linux-distros membership application - Microsoft",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2019/07/06/4"
        },
        {
          "name": "RHSA-2019:1699",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:1699"
        },
        {
          "name": "20190722 [SECURITY] [DSA 4484-1] linux security update",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "https://seclists.org/bugtraq/2019/Jul/30"
        },
        {
          "name": "[oss-security] 20191023 Membership application for linux-distros - VMware",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2019/10/24/1"
        },
        {
          "name": "[oss-security] 20191029 Re: Membership application for linux-distros - VMware",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2019/10/29/3"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpujan2020.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SACKPanic"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://access.redhat.com/security/vulnerabilities/tcpsack"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/153346/Kernel-Live-Patch-Security-Notice-LSN-0052-1.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44193"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.synology.com/security/advisory/Synology_SA_19_28"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.netapp.com/advisory/ntap-20190625-0001/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10287"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/security/advisories/VMSA-2019-0010.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-462066.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.us-cert.gov/ics/advisories/icsa-19-253-03"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-010.txt"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=f070ef2ac66716357066b683fb0baf55f8191a2e"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/csp/article/K26618426"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0007"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/154408/Kernel-Live-Patch-Security-Notice-LSN-0055-1.html"
        }
      ],
      "source": {
        "advisory": "https://usn.ubuntu.com/4017-1",
        "defect": [
          "https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1831638"
        ],
        "discovery": "UNKNOWN"
      },
      "title": "SACK can cause extensive memory use via fragmented resend queue",
      "x_generator": {
        "engine": "Vulnogram 0.0.7"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@ubuntu.com",
          "DATE_PUBLIC": "2019-06-17T00:00:00.000Z",
          "ID": "CVE-2019-11478",
          "STATE": "PUBLIC",
          "TITLE": "SACK can cause extensive memory use via fragmented resend queue"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Linux kernel",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "4.4",
                            "version_value": "4.4.182"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "4.9",
                            "version_value": "4.9.182"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "4.14",
                            "version_value": "4.14.127"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "4.19",
                            "version_value": "4.19.52"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "5.1",
                            "version_value": "5.1.11"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Linux"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Jonathan Looney from Netflix"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit f070ef2ac66716357066b683fb0baf55f8191a2e."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.7"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-770 Allocation of Resources Without Limits or Throttling"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "VU#905115",
              "refsource": "CERT-VN",
              "url": "https://www.kb.cert.org/vuls/id/905115"
            },
            {
              "name": "RHSA-2019:1594",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:1594"
            },
            {
              "name": "RHSA-2019:1602",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:1602"
            },
            {
              "name": "[oss-security] 20190628 Re: linux-distros membership application - Microsoft",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2019/06/28/2"
            },
            {
              "name": "[oss-security] 20190706 Re: linux-distros membership application - Microsoft",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2019/07/06/3"
            },
            {
              "name": "[oss-security] 20190706 Re: linux-distros membership application - Microsoft",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2019/07/06/4"
            },
            {
              "name": "RHSA-2019:1699",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:1699"
            },
            {
              "name": "20190722 [SECURITY] [DSA 4484-1] linux security update",
              "refsource": "BUGTRAQ",
              "url": "https://seclists.org/bugtraq/2019/Jul/30"
            },
            {
              "name": "[oss-security] 20191023 Membership application for linux-distros - VMware",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2019/10/24/1"
            },
            {
              "name": "[oss-security] 20191029 Re: Membership application for linux-distros - VMware",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2019/10/29/3"
            },
            {
              "name": "https://www.oracle.com/security-alerts/cpujan2020.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com/security-alerts/cpujan2020.html"
            },
            {
              "name": "https://www.oracle.com/security-alerts/cpuoct2020.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
            },
            {
              "name": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md",
              "refsource": "MISC",
              "url": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md"
            },
            {
              "name": "https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SACKPanic",
              "refsource": "MISC",
              "url": "https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SACKPanic"
            },
            {
              "name": "https://access.redhat.com/security/vulnerabilities/tcpsack",
              "refsource": "MISC",
              "url": "https://access.redhat.com/security/vulnerabilities/tcpsack"
            },
            {
              "name": "http://packetstormsecurity.com/files/153346/Kernel-Live-Patch-Security-Notice-LSN-0052-1.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/153346/Kernel-Live-Patch-Security-Notice-LSN-0052-1.html"
            },
            {
              "name": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44193",
              "refsource": "CONFIRM",
              "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44193"
            },
            {
              "name": "https://www.synology.com/security/advisory/Synology_SA_19_28",
              "refsource": "CONFIRM",
              "url": "https://www.synology.com/security/advisory/Synology_SA_19_28"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20190625-0001/",
              "refsource": "CONFIRM",
              "url": "https://security.netapp.com/advisory/ntap-20190625-0001/"
            },
            {
              "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10287",
              "refsource": "CONFIRM",
              "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10287"
            },
            {
              "name": "http://www.vmware.com/security/advisories/VMSA-2019-0010.html",
              "refsource": "CONFIRM",
              "url": "http://www.vmware.com/security/advisories/VMSA-2019-0010.html"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-462066.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-462066.pdf"
            },
            {
              "name": "https://www.us-cert.gov/ics/advisories/icsa-19-253-03",
              "refsource": "MISC",
              "url": "https://www.us-cert.gov/ics/advisories/icsa-19-253-03"
            },
            {
              "name": "http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html"
            },
            {
              "name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-010.txt",
              "refsource": "CONFIRM",
              "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-010.txt"
            },
            {
              "name": "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=f070ef2ac66716357066b683fb0baf55f8191a2e",
              "refsource": "MISC",
              "url": "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=f070ef2ac66716357066b683fb0baf55f8191a2e"
            },
            {
              "name": "https://support.f5.com/csp/article/K26618426",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/csp/article/K26618426"
            },
            {
              "name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0007",
              "refsource": "CONFIRM",
              "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0007"
            },
            {
              "name": "http://packetstormsecurity.com/files/154408/Kernel-Live-Patch-Security-Notice-LSN-0055-1.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/154408/Kernel-Live-Patch-Security-Notice-LSN-0055-1.html"
            }
          ]
        },
        "source": {
          "advisory": "https://usn.ubuntu.com/4017-1",
          "defect": [
            "https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1831638"
          ],
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
    "assignerShortName": "canonical",
    "cveId": "CVE-2019-11478",
    "datePublished": "2019-06-18T23:34:51.077Z",
    "dateReserved": "2019-04-23T00:00:00.000Z",
    "dateUpdated": "2024-09-16T23:45:54.779Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-11479 (GCVE-0-2019-11479)

Vulnerability from cvelistv5 – Published: 2019-06-18 23:34 – Updated: 2024-09-16 23:22

Summary

Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. This allows a remote peer to fragment TCP resend queues significantly more than if a larger MSS were enforced. A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commits 967c05aee439e6e5d7d805e195b3a20ef5c433d6 and 5f3e2bf008c2221478101ee72f5cb4654b9fc363.

Severity

5.3 (Medium)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

CWE

CWE-405 - Asymmetric Resource Consumption (Amplification)

Assigner

canonical

References

28 references

URL	Tags
http://www.securityfocus.com/bid/108818	vdb-entryx_refsource_BID
https://www.kb.cert.org/vuls/id/905115	third-party-advisoryx_refsource_CERT-VN
https://access.redhat.com/errata/RHSA-2019:1594	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2019:1602	vendor-advisoryx_refsource_REDHAT
http://www.openwall.com/lists/oss-security/2019/06/28/2	mailing-listx_refsource_MLIST
https://usn.ubuntu.com/4041-2/	vendor-advisoryx_refsource_UBUNTU
http://www.openwall.com/lists/oss-security/2019/07/06/3	mailing-listx_refsource_MLIST
http://www.openwall.com/lists/oss-security/2019/07/06/4	mailing-listx_refsource_MLIST
https://access.redhat.com/errata/RHSA-2019:1699	vendor-advisoryx_refsource_REDHAT
https://usn.ubuntu.com/4041-1/	vendor-advisoryx_refsource_UBUNTU
https://www.oracle.com/security-alerts/cpujan2020.html	x_refsource_MISC
https://www.oracle.com/security-alerts/cpuoct2020.html	x_refsource_MISC
https://github.com/Netflix/security-bulletins/blo…	x_refsource_MISC
https://wiki.ubuntu.com/SecurityTeam/KnowledgeBas…	x_refsource_MISC
https://access.redhat.com/security/vulnerabilitie…	x_refsource_MISC
https://kb.pulsesecure.net/articles/Pulse_Securit…	x_refsource_CONFIRM
https://www.synology.com/security/advisory/Synolo…	x_refsource_CONFIRM
https://security.netapp.com/advisory/ntap-2019062…	x_refsource_CONFIRM
https://kc.mcafee.com/corporate/index?page=conten…	x_refsource_CONFIRM
https://cert-portal.siemens.com/productcert/pdf/s…	x_refsource_CONFIRM
https://www.us-cert.gov/ics/advisories/icsa-19-253-03	x_refsource_MISC
http://www.arubanetworks.com/assets/alert/ARUBA-P…	x_refsource_CONFIRM
https://git.kernel.org/pub/scm/linux/kernel/git/d…	x_refsource_MISC
https://git.kernel.org/pub/scm/linux/kernel/git/d…	x_refsource_MISC
https://support.f5.com/csp/article/K35421172	x_refsource_CONFIRM
https://psirt.global.sonicwall.com/vuln-detail/SN…	x_refsource_CONFIRM
https://support.f5.com/csp/article/K35421172?utm_…	x_refsource_CONFIRM
https://www.us-cert.gov/ics/advisories/icsma-20-170-06	x_refsource_MISC

Impacted products

1 product

Vendor	Product	Version
Linux	Linux kernel	Affected: 4.4 , < 4.4.182 (custom) Affected: 4.9 , < 4.9.182 (custom) Affected: 4.14 , < 4.14.127 (custom) Affected: 4.19 , < 4.19.52 (custom) Affected: 5.1 , < 5.1.11 (custom)

Date Public

2019-06-17 00:00

Credits

Jonathan Looney from Netflix

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T22:55:40.780Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "108818",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/108818"
          },
          {
            "name": "VU#905115",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "https://www.kb.cert.org/vuls/id/905115"
          },
          {
            "name": "RHSA-2019:1594",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:1594"
          },
          {
            "name": "RHSA-2019:1602",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:1602"
          },
          {
            "name": "[oss-security] 20190628 Re: linux-distros membership application - Microsoft",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2019/06/28/2"
          },
          {
            "name": "USN-4041-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4041-2/"
          },
          {
            "name": "[oss-security] 20190706 Re: linux-distros membership application - Microsoft",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2019/07/06/3"
          },
          {
            "name": "[oss-security] 20190706 Re: linux-distros membership application - Microsoft",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2019/07/06/4"
          },
          {
            "name": "RHSA-2019:1699",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:1699"
          },
          {
            "name": "USN-4041-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4041-1/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpujan2020.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SACKPanic"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/vulnerabilities/tcpsack"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44193"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.synology.com/security/advisory/Synology_SA_19_28"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20190625-0001/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10287"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-462066.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.us-cert.gov/ics/advisories/icsa-19-253-03"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-010.txt"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=5f3e2bf008c2221478101ee72f5cb4654b9fc363"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=967c05aee439e6e5d7d805e195b3a20ef5c433d6"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K35421172"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0008"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K35421172?utm_source=f5support\u0026amp%3Butm_medium=RSS"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.us-cert.gov/ics/advisories/icsma-20-170-06"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Linux kernel",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "4.4.182",
              "status": "affected",
              "version": "4.4",
              "versionType": "custom"
            },
            {
              "lessThan": "4.9.182",
              "status": "affected",
              "version": "4.9",
              "versionType": "custom"
            },
            {
              "lessThan": "4.14.127",
              "status": "affected",
              "version": "4.14",
              "versionType": "custom"
            },
            {
              "lessThan": "4.19.52",
              "status": "affected",
              "version": "4.19",
              "versionType": "custom"
            },
            {
              "lessThan": "5.1.11",
              "status": "affected",
              "version": "5.1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Jonathan Looney from Netflix"
        }
      ],
      "datePublic": "2019-06-17T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. This allows a remote peer to fragment TCP resend queues significantly more than if a larger MSS were enforced. A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commits 967c05aee439e6e5d7d805e195b3a20ef5c433d6 and 5f3e2bf008c2221478101ee72f5cb4654b9fc363."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-405",
              "description": "CWE-405 Asymmetric Resource Consumption (Amplification)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-20T21:14:56.000Z",
        "orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
        "shortName": "canonical"
      },
      "references": [
        {
          "name": "108818",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/108818"
        },
        {
          "name": "VU#905115",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "https://www.kb.cert.org/vuls/id/905115"
        },
        {
          "name": "RHSA-2019:1594",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:1594"
        },
        {
          "name": "RHSA-2019:1602",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:1602"
        },
        {
          "name": "[oss-security] 20190628 Re: linux-distros membership application - Microsoft",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2019/06/28/2"
        },
        {
          "name": "USN-4041-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4041-2/"
        },
        {
          "name": "[oss-security] 20190706 Re: linux-distros membership application - Microsoft",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2019/07/06/3"
        },
        {
          "name": "[oss-security] 20190706 Re: linux-distros membership application - Microsoft",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2019/07/06/4"
        },
        {
          "name": "RHSA-2019:1699",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:1699"
        },
        {
          "name": "USN-4041-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4041-1/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpujan2020.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SACKPanic"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://access.redhat.com/security/vulnerabilities/tcpsack"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44193"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.synology.com/security/advisory/Synology_SA_19_28"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.netapp.com/advisory/ntap-20190625-0001/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10287"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-462066.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.us-cert.gov/ics/advisories/icsa-19-253-03"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-010.txt"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=5f3e2bf008c2221478101ee72f5cb4654b9fc363"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=967c05aee439e6e5d7d805e195b3a20ef5c433d6"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/csp/article/K35421172"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0008"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/csp/article/K35421172?utm_source=f5support\u0026amp%3Butm_medium=RSS"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.us-cert.gov/ics/advisories/icsma-20-170-06"
        }
      ],
      "source": {
        "defect": [
          "https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1832286"
        ],
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.0.7"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@ubuntu.com",
          "DATE_PUBLIC": "2019-06-17T00:00:00.000Z",
          "ID": "CVE-2019-11479",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Linux kernel",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "4.4",
                            "version_value": "4.4.182"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "4.9",
                            "version_value": "4.9.182"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "4.14",
                            "version_value": "4.14.127"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "4.19",
                            "version_value": "4.19.52"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "5.1",
                            "version_value": "5.1.11"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Linux"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Jonathan Looney from Netflix"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. This allows a remote peer to fragment TCP resend queues significantly more than if a larger MSS were enforced. A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commits 967c05aee439e6e5d7d805e195b3a20ef5c433d6 and 5f3e2bf008c2221478101ee72f5cb4654b9fc363."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.7"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-405 Asymmetric Resource Consumption (Amplification)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "108818",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/108818"
            },
            {
              "name": "VU#905115",
              "refsource": "CERT-VN",
              "url": "https://www.kb.cert.org/vuls/id/905115"
            },
            {
              "name": "RHSA-2019:1594",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:1594"
            },
            {
              "name": "RHSA-2019:1602",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:1602"
            },
            {
              "name": "[oss-security] 20190628 Re: linux-distros membership application - Microsoft",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2019/06/28/2"
            },
            {
              "name": "USN-4041-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4041-2/"
            },
            {
              "name": "[oss-security] 20190706 Re: linux-distros membership application - Microsoft",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2019/07/06/3"
            },
            {
              "name": "[oss-security] 20190706 Re: linux-distros membership application - Microsoft",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2019/07/06/4"
            },
            {
              "name": "RHSA-2019:1699",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:1699"
            },
            {
              "name": "USN-4041-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4041-1/"
            },
            {
              "name": "https://www.oracle.com/security-alerts/cpujan2020.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com/security-alerts/cpujan2020.html"
            },
            {
              "name": "https://www.oracle.com/security-alerts/cpuoct2020.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
            },
            {
              "name": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md",
              "refsource": "MISC",
              "url": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md"
            },
            {
              "name": "https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SACKPanic",
              "refsource": "MISC",
              "url": "https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SACKPanic"
            },
            {
              "name": "https://access.redhat.com/security/vulnerabilities/tcpsack",
              "refsource": "MISC",
              "url": "https://access.redhat.com/security/vulnerabilities/tcpsack"
            },
            {
              "name": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44193",
              "refsource": "CONFIRM",
              "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44193"
            },
            {
              "name": "https://www.synology.com/security/advisory/Synology_SA_19_28",
              "refsource": "CONFIRM",
              "url": "https://www.synology.com/security/advisory/Synology_SA_19_28"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20190625-0001/",
              "refsource": "CONFIRM",
              "url": "https://security.netapp.com/advisory/ntap-20190625-0001/"
            },
            {
              "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10287",
              "refsource": "CONFIRM",
              "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10287"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-462066.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-462066.pdf"
            },
            {
              "name": "https://www.us-cert.gov/ics/advisories/icsa-19-253-03",
              "refsource": "MISC",
              "url": "https://www.us-cert.gov/ics/advisories/icsa-19-253-03"
            },
            {
              "name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-010.txt",
              "refsource": "CONFIRM",
              "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-010.txt"
            },
            {
              "name": "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=5f3e2bf008c2221478101ee72f5cb4654b9fc363",
              "refsource": "MISC",
              "url": "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=5f3e2bf008c2221478101ee72f5cb4654b9fc363"
            },
            {
              "name": "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=967c05aee439e6e5d7d805e195b3a20ef5c433d6",
              "refsource": "MISC",
              "url": "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=967c05aee439e6e5d7d805e195b3a20ef5c433d6"
            },
            {
              "name": "https://support.f5.com/csp/article/K35421172",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/csp/article/K35421172"
            },
            {
              "name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0008",
              "refsource": "CONFIRM",
              "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0008"
            },
            {
              "name": "https://support.f5.com/csp/article/K35421172?utm_source=f5support\u0026amp;utm_medium=RSS",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/csp/article/K35421172?utm_source=f5support\u0026amp;utm_medium=RSS"
            },
            {
              "name": "https://www.us-cert.gov/ics/advisories/icsma-20-170-06",
              "refsource": "MISC",
              "url": "https://www.us-cert.gov/ics/advisories/icsma-20-170-06"
            }
          ]
        },
        "source": {
          "defect": [
            "https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1832286"
          ],
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
    "assignerShortName": "canonical",
    "cveId": "CVE-2019-11479",
    "datePublished": "2019-06-18T23:34:51.124Z",
    "dateReserved": "2019-04-23T00:00:00.000Z",
    "dateUpdated": "2024-09-16T23:22:00.170Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

WID-SEC-W-2023-0507

CVE-2019-11477 (GCVE-0-2019-11477)

CVE-2019-11478 (GCVE-0-2019-11478)

CVE-2019-11479 (GCVE-0-2019-11479)

Tags

Sightings

Nomenclature