CVE-2019-11478

Name
CVE-2019-11478
Description
Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit f070ef2ac66716357066b683fb0baf55f8191a2e.
NVD Severity
medium
Other trackers
Mailing lists
Exploits
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
Mailing List https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=f070ef2ac66716357066b683fb0baf55f8191a2e
Patch https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md
Mitigation https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SACKPanic
Third Party Advisory https://access.redhat.com/security/vulnerabilities/tcpsack
Third Party Advisory https://support.f5.com/csp/article/K26618426
Third Party Advisory http://packetstormsecurity.com/files/153346/Kernel-Live-Patch-Security-Notice-LSN-0052-1.html
Third Party Advisory https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44193
CERT-VN https://www.kb.cert.org/vuls/id/905115
CONFIRM https://www.synology.com/security/advisory/Synology_SA_19_28
CONFIRM https://security.netapp.com/advisory/ntap-20190625-0001/
REDHAT https://access.redhat.com/errata/RHSA-2019:1594
REDHAT https://access.redhat.com/errata/RHSA-2019:1602
CONFIRM https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0007
CONFIRM https://kc.mcafee.com/corporate/index?page=content&id=SB10287
MLIST http://www.openwall.com/lists/oss-security/2019/06/28/2
CONFIRM http://www.vmware.com/security/advisories/VMSA-2019-0010.html
MLIST http://www.openwall.com/lists/oss-security/2019/07/06/3
MLIST http://www.openwall.com/lists/oss-security/2019/07/06/4
REDHAT https://access.redhat.com/errata/RHSA-2019:1699
BUGTRAQ https://seclists.org/bugtraq/2019/Jul/30
MISC http://packetstormsecurity.com/files/154408/Kernel-Live-Patch-Security-Notice-LSN-0055-1.html
CONFIRM https://cert-portal.siemens.com/productcert/pdf/ssa-462066.pdf
MISC https://www.us-cert.gov/ics/advisories/icsa-19-253-03
MISC http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html
MLIST http://www.openwall.com/lists/oss-security/2019/10/24/1
MLIST http://www.openwall.com/lists/oss-security/2019/10/29/3
MISC https://www.oracle.com/security-alerts/cpujan2020.html
CONFIRM http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-010.txt
MISC https://www.oracle.com/security-alerts/cpuoct2020.html

Match rules

CPE URI Source package Min version Max version
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* linux_kernel >= None < 4.4.182
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* linux_kernel >= 4.20 < 5.1.11
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* linux_kernel >= 4.10 < 4.14.127
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* linux_kernel >= 4.5 < 4.9.182
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* linux_kernel >= 4.15 < 4.19.52

Vulnerable and fixed packages

Source package Branch Version Maintainer Status