CVE-2019-11477

Name
CVE-2019-11477
Description
Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit 3b4929f65b0d8249f19a50245cd88ed1a2f78cff.
NVD Severity
medium
Other trackers
Mailing lists
Exploits
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
Patch https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md
Mitigation https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SACKPanic
Third Party Advisory https://access.redhat.com/security/vulnerabilities/tcpsack
Mailing List https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=3b4929f65b0d8249f19a50245cd88ed1a2f78cff
Third Party Advisory https://support.f5.com/csp/article/K78234183
Third Party Advisory http://packetstormsecurity.com/files/153346/Kernel-Live-Patch-Security-Notice-LSN-0052-1.html
Third Party Advisory https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44193
CERT-VN https://www.kb.cert.org/vuls/id/905115
MLIST http://www.openwall.com/lists/oss-security/2019/06/20/3
CONFIRM https://www.synology.com/security/advisory/Synology_SA_19_28
CONFIRM https://security.netapp.com/advisory/ntap-20190625-0001/
REDHAT https://access.redhat.com/errata/RHSA-2019:1594
REDHAT https://access.redhat.com/errata/RHSA-2019:1602
CONFIRM https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0006
CONFIRM https://kc.mcafee.com/corporate/index?page=content&id=SB10287
MLIST http://www.openwall.com/lists/oss-security/2019/06/28/2
CONFIRM http://www.vmware.com/security/advisories/VMSA-2019-0010.html
MLIST http://www.openwall.com/lists/oss-security/2019/07/06/3
MLIST http://www.openwall.com/lists/oss-security/2019/07/06/4
REDHAT https://access.redhat.com/errata/RHSA-2019:1699
CONFIRM https://cert-portal.siemens.com/productcert/pdf/ssa-462066.pdf
MISC https://www.us-cert.gov/ics/advisories/icsa-19-253-03
MISC http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html
MLIST http://www.openwall.com/lists/oss-security/2019/10/24/1
MLIST http://www.openwall.com/lists/oss-security/2019/10/29/3
CONFIRM http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191225-01-kernel-en
MISC https://www.oracle.com/security-alerts/cpujan2020.html
CONFIRM http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-010.txt
MISC https://www.oracle.com/security-alerts/cpuoct2020.html

Match rules

CPE URI Source package Min version Max version
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* linux_kernel >= None < 4.4.182
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* linux_kernel >= 4.10 < 4.14.127
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* linux_kernel >= 4.20 < 5.1.11
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* linux_kernel >= 4.5 < 4.9.182
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* linux_kernel >= 4.15 < 4.19.52

Vulnerable and fixed packages

Source package Branch Version Maintainer Status