> CVE-2019-11477 is considered an Important severity, whereas CVE-2019-11478 and CVE-2019-11479 are considered a Moderate severity. The first two are related to the Selective Acknowledgement (SACK) packets combined with Maximum Segment Size (MSS), the third solely with the Maximum Segment Size (MSS).

Vulnerable code exists in <https://github.com/torvalds/linux/blob/master/include/linux/skbuff.h>

This might stick around in various embedded hardware, which could be more disasterous if DoS’ed, but it’s too early to tell.

Recent assessments:

J3rryBl4nks at March 10, 2020 3:02pm UTC reported:

Because this is a kernel panic, it is only useful if your goal is to take the host offline. Because DOS attacks are less useful overall to an attacker than RCE, LFI, or anything useful really, these vulnerabilities are not useful to have in your toolkit.

asoto-r7 at June 17, 2019 9:06pm UTC reported:

Assessed Attacker Value: 1
Assessed Attacker Value: 1Assessed Attacker Value: 3

References

access.redhat.com/security/vulnerabilities/tcpsack

github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md

github.com/torvalds/linux/blob/master/include/linux/skbuff.h

nessus 67

ibm 21

redhat 15

openvas 27

arista 1

oraclelinux 10

myhack58 1

mscve 1

fortinet 1

archlinux 4

citrix 2

fedora 2

amazon 2

checkpoint_security 1

centos 2

threatpost 1

virtuozzo 4

zdt 1

cert 1

mageia 3

paloalto 1

symantec 1

ics 2

vmware 2

cloudfoundry 3

ubuntu 4

qualysblog 1

debian 1

osv 1

debiancve 2

nvd 2

cvelist 2

redhatcve 2

veracode 2

ubuntucve 1

cve 1

prion 2

f5 2

nessus

Oracle Linux 7 : kernel (ELSA-2019-1481)

2019-06-19 00:00:00

CentOS 7 : kernel (CESA-2019:1481) (SACK Panic) (SACK Slowness)

2019-06-19 00:00:00

RHEL 7 : kernel-rt (RHSA-2019:1486) (SACK Panic) (SACK Slowness)

2019-06-18 00:00:00

ibm

Security Bulletin: IBM Security Guardium is affected by a TCP SACK PANIC -Kernel vulnerability

2020-10-06 20:36:57

Security Bulletin: Vulnerabilities in kernel affect Power Hardware Management Console (CVE-2019-11479,CVE-2019-11477 and CVE-2019-11478)

2021-09-22 23:38:15

Security Bulletin: IBM has announced a release for IBM Security Identity Governance and Intelligence in response to security vulnerability (CVE-2019-11479, CVE-2019-11478, CVE-2019-11477)

2020-01-29 16:27:06

redhat

(RHSA-2019:1481) Important: kernel security update

2019-06-17 17:31:05

(RHSA-2019:1486) Important: kernel-rt security update

2019-06-17 19:45:06

(RHSA-2019:1484) Important: kernel security and bug fix update

2019-06-17 19:12:10

openvas

Greenbone OS - Kernel Denial of Service Vulnerabilities (Jun 2019)

2019-06-21 00:00:00

CentOS Update for kernel CESA-2019:1481 centos7

2019-06-19 00:00:00

Fedora Update for kernel-headers FEDORA-2019-6c3d89b3d0

2019-06-19 00:00:00

arista

Security Advisory 0041

2019-06-26 00:00:00

oraclelinux

Unbreakable Enterprise kernel security update

2019-06-17 00:00:00

kernel security update

2019-06-18 00:00:00

Unbreakable Enterprise kernel security update

2019-06-17 00:00:00

myhack58

CVE-2019-11477: Linux kernel TCP SACK mechanism remote Dos early warning analysis-vulnerability warning-the black bar safety net

2019-06-19 00:00:00

mscve

Linux Kernel TCP SACK Denial of Service Vulnerability

2019-06-28 07:00:00

fortinet

TCP SACK panic attack- Linux Kernel Vulnerabilities- CVE-2019-11477, CVE-2019-11478 & CVE-2019-11479

2019-11-29 00:00:00

archlinux

[ASA-201906-14] linux-lts: denial of service

2019-06-18 00:00:00

[ASA-201906-12] linux-hardened: denial of service

2019-06-17 00:00:00

[ASA-201906-13] linux: denial of service

2019-06-18 00:00:00

citrix

Citrix SD-WAN Security Update

2019-09-11 04:00:00

Citrix Hypervisor Security Update.

2019-07-08 04:00:00

fedora

[SECURITY] Fedora 29 Update: kernel-headers-5.1.11-200.fc29

2019-06-18 21:19:41

[SECURITY] Fedora 30 Update: kernel-headers-5.1.11-300.fc30

2019-06-18 18:15:45

amazon

Critical: kernel

2019-06-13 22:11:00

Critical: kernel

2019-06-13 21:37:00

checkpoint_security

Check Point response to TCP SACK PANIC - Linux Kernel vulnerabilities - CVE-2019-11477, CVE-2019-11478 and CVE-2019-11479

2019-06-18 05:16:31

centos

bpftool, kernel, perf, python security update

2019-06-19 00:21:01

kernel, perf, python security update

2019-06-19 00:19:05

threatpost

Linux Kernel Bug Knocks PCs, IoT Gadgets and More Offline

2019-06-18 18:43:50

virtuozzo

Important kernel security update: New kernel 2.6.32-042stab139.1; Virtuozzo 6.0 Update 12 Hotfix 43 (6.0.12-3743)

2019-06-20 00:00:00

Important kernel security update: New kernel 2.6.32-042stab139.1 for Virtuozzo Containers for Linux 4.7, Server Bare Metal 5.0

2019-06-20 00:00:00

Kernel update: Virtuozzo ReadyKernel patch 82.2 for Virtuozzo 7.0.8 HF1 and 7.0.10 HF1

2019-06-27 00:00:00

zdt

Linux / FreeBSD TCP-Based Denial Of Service Vulnerability

2019-06-18 00:00:00

cert

Multiple TCP Selective Acknowledgement (SACK) and Maximum Segment Size (MSS) networking vulnerabilities may cause denial-of-service conditions in Linux and FreeBSD kernels

2019-06-20 00:00:00

mageia

Updated kernel packages fix security vulnerability

2019-06-21 04:07:01

Updated kernel-tmb packages fix security vulnerability

2019-06-21 04:07:01

Updated kernel-linus packages fix security vulnerability

2019-06-21 04:07:01

paloalto

Information about TCP SACK Panic Findings in PAN-OS

2019-06-27 00:00:00

symantec

Linux Kernel Vulnerabilities May-June 2019

2019-09-05 08:00:00

ics

Siemens Industrial Products (Update R)

2022-05-12 12:00:00

BD Alaris PCU (Update A)

2021-03-15 12:00:00

vmware

VMware product updates address Linux kernel vulnerabilities in TCP Selective Acknowledgement (SACK) (CVE-2019-11477, CVE-2019-11478)

2019-07-02 00:00:00

VMware product updates address Linux kernel vulnerabilities in TCP Selective Acknowledgement (SACK) (CVE-2019-11477, CVE-2019-11478)

2019-07-02 00:00:00

cloudfoundry

USN-4017-1: Linux kernel vulnerabilities | Cloud Foundry

2019-07-03 00:00:00

USN-4041-1: Linux kernel update | Cloud Foundry

2019-07-29 00:00:00

USN-4041-2: Linux kernel (HWE) update | Cloud Foundry

2019-08-29 00:00:00

ubuntu

Linux kernel vulnerabilities

2019-06-17 00:00:00

Linux kernel vulnerabilities

2019-06-17 00:00:00

Linux kernel (HWE) update

2019-06-29 00:00:00

qualysblog

July 2019 Patch Tuesday – 77 Vulns, 15 Critical, DHCP RCE, Exploited PrivEsc, SQL, Adobe Vulns

2019-07-09 18:12:39

debian

[SECURITY] [DLA 1823-1] linux security update

2019-06-17 23:42:52

osv

linux - security update

2019-06-17 00:00:00

debiancve

CVE-2019-11479

2019-06-19 00:15:12

CVE-2019-11477

2019-06-19 00:15:12

nvd

CVE-2019-11477

2019-06-19 00:15:12

CVE-2019-11479

2019-06-19 00:15:12

cvelist

CVE-2019-11479

2019-06-17 00:00:00

CVE-2019-11477 Integer overflow in TCP_SKB_CB(skb)->tcp_gso_segs

2019-06-17 00:00:00

redhatcve

CVE-2019-11479

2019-11-12 09:00:43

CVE-2019-11477

2020-11-01 21:54:35

veracode

Denial Of Service (DoS)

2019-06-24 00:20:43

Denial Of Service (DoS)

2019-06-24 00:20:42

ubuntucve

CVE-2019-11479

2019-06-17 00:00:00

cve

CVE-2019-11479

2019-06-19 00:15:12

prion

Integer overflow

2019-06-19 00:15:00

Hardcoded credentials

2019-06-19 00:15:00

K35421172 : Excess resource consumption due to low MSS values vulnerability CVE-2019-11479

2019-06-19 00:00:00

K78234183 : Linux SACK Panic vulnerability CVE-2019-11477

2019-06-19 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

EPSS

0.974

Percentile

99.9%

JSON

Related for AKB:B358B251-7E9D-453E-8802-E59A3DE72FAA