Lucene search

[email protected]CVE-2019-11477

HistoryJun 19, 2019 - 12:15 a.m.

CVE-2019-11477

2019-06-1900:15:12

CWE-190

[email protected]

web.nvd.nist.gov

668

cve

2019

11477

integer overflow

linux kernel

tcp

sacks

denial of service

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

7.4

Confidence

High

EPSS

0.972

Percentile

99.8%

JSON

Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit 3b4929f65b0d8249f19a50245cd88ed1a2f78cff.

Affected configurations

NVD

Node

linuxlinux_kernelRange2.6.29–3.16.69

linuxlinux_kernelRange3.17–4.4.182

linuxlinux_kernelRange4.5–4.9.182

linuxlinux_kernelRange4.10–4.14.127

linuxlinux_kernelRange4.15–4.19.52

linuxlinux_kernelRange4.20–5.1.11

Node

f5big-ip_advanced_firewall_managerRange11.5.2–11.6.4

f5big-ip_advanced_firewall_managerRange12.1.0–12.1.4

f5big-ip_advanced_firewall_managerRange13.1.0–13.1.1

f5big-ip_advanced_firewall_managerRange14.0.0–14.1.0

f5big-ip_advanced_firewall_managerMatch15.0.0

Node

f5big-ip_access_policy_managerRange11.5.2–11.6.4

f5big-ip_access_policy_managerRange12.1.0–12.1.4

f5big-ip_access_policy_managerRange13.1.0–13.1.1

f5big-ip_access_policy_managerRange14.0.0–14.1.0

f5big-ip_access_policy_managerMatch15.0.0

Node

f5big-ip_application_acceleration_managerRange11.5.2–11.6.4

f5big-ip_application_acceleration_managerRange12.1.0–12.1.4

f5big-ip_application_acceleration_managerRange13.1.0–13.1.1

f5big-ip_application_acceleration_managerRange14.0.0–14.1.0

f5big-ip_application_acceleration_managerMatch15.0.0

Node

f5big-ip_link_controllerRange11.5.2–11.6.4

f5big-ip_link_controllerRange12.1.0–12.1.4

f5big-ip_link_controllerRange13.1.0–13.1.1

f5big-ip_link_controllerRange14.0.0–14.1.0

f5big-ip_link_controllerMatch15.0.0

Node

f5big-ip_policy_enforcement_managerRange11.5.2–11.6.4

f5big-ip_policy_enforcement_managerRange12.1.0–12.1.4

f5big-ip_policy_enforcement_managerRange13.1.0–13.1.1

f5big-ip_policy_enforcement_managerRange14.0.0–14.1.0

f5big-ip_policy_enforcement_managerMatch15.0.0

Node

f5big-ip_webacceleratorRange11.5.2–11.6.4

f5big-ip_webacceleratorRange12.1.0–12.1.4

f5big-ip_webacceleratorRange13.1.0–13.1.1

f5big-ip_webacceleratorRange14.0.0–14.1.0

f5big-ip_webacceleratorMatch15.0.0

Node

f5big-ip_application_security_managerRange11.5.2–11.6.4

f5big-ip_application_security_managerRange12.1.0–12.1.4

f5big-ip_application_security_managerRange13.1.0–13.1.1

f5big-ip_application_security_managerRange14.0.0–14.1.0

f5big-ip_application_security_managerMatch15.0.0

Node

f5big-ip_local_traffic_managerRange11.5.2–11.6.4

f5big-ip_local_traffic_managerRange12.1.0–12.1.4

f5big-ip_local_traffic_managerRange13.1.0–13.1.1

f5big-ip_local_traffic_managerRange14.0.0–14.1.0

f5big-ip_local_traffic_managerMatch15.0.0

Node

f5big-ip_fraud_protection_serviceRange11.5.2–11.6.4

f5big-ip_fraud_protection_serviceRange12.1.0–12.1.4

f5big-ip_fraud_protection_serviceRange13.1.0–13.1.1

f5big-ip_fraud_protection_serviceRange14.0.0–14.1.0

f5big-ip_fraud_protection_serviceMatch15.0.0

Node

f5big-ip_global_traffic_managerRange11.5.2–11.6.4

f5big-ip_global_traffic_managerRange12.1.0–12.1.4

f5big-ip_global_traffic_managerRange13.1.0–13.1.1

f5big-ip_global_traffic_managerRange14.0.0–14.1.0

f5big-ip_global_traffic_managerMatch15.0.0

Node

f5big-ip_analyticsRange11.5.2–11.6.4

f5big-ip_analyticsRange12.1.0–12.1.4

f5big-ip_analyticsRange13.1.0–13.1.1

f5big-ip_analyticsRange14.0.0–14.1.0

f5big-ip_analyticsMatch15.0.0

Node

f5big-ip_edge_gatewayRange11.5.2–11.6.4

f5big-ip_edge_gatewayRange12.1.0–12.1.4

f5big-ip_edge_gatewayRange13.1.0–13.1.1

f5big-ip_edge_gatewayRange14.0.0–14.1.0

f5big-ip_edge_gatewayMatch15.0.0

Node

f5big-ip_domain_name_systemRange11.5.2–11.6.4

f5big-ip_domain_name_systemRange12.1.0–12.1.4

f5big-ip_domain_name_systemRange13.1.0–13.1.1

f5big-ip_domain_name_systemRange14.0.0–14.1.0

f5big-ip_domain_name_systemMatch15.0.0

Node

canonicalubuntu_linuxMatch12.04esm

canonicalubuntu_linuxMatch14.04esm

canonicalubuntu_linuxMatch16.04lts

canonicalubuntu_linuxMatch18.04lts

canonicalubuntu_linuxMatch18.10

canonicalubuntu_linuxMatch19.04

Node

redhatenterprise_linux_atomic_hostMatch-

redhatenterprise_linuxMatch5.0

redhatenterprise_linuxMatch6.0

redhatenterprise_linuxMatch7.0

redhatenterprise_linuxMatch8.0

redhatenterprise_linux_ausMatch6.5

redhatenterprise_linux_ausMatch6.6

redhatenterprise_linux_eusMatch7.4

redhatenterprise_linux_eusMatch7.5

redhatenterprise_mrgMatch2.0

Node

ivanticonnect_secureMatch-

pulsesecurepulse_policy_secureMatch-

pulsesecurepulse_secure_virtual_application_delivery_controllerMatch-

Node

f5traffix_signaling_delivery_controllerRange5.0.0–5.1.0

CNA Affected

[
  {
    "product": "Linux kernel",
    "vendor": "Linux",
    "versions": [
      {
        "lessThan": "4.4.182",
        "status": "affected",
        "version": "4.4",
        "versionType": "custom"
      },
      {
        "lessThan": "4.9.182",
        "status": "affected",
        "version": "4.9",
        "versionType": "custom"
      },
      {
        "lessThan": "4.14.127",
        "status": "affected",
        "version": "4.14",
        "versionType": "custom"
      },
      {
        "lessThan": "4.19.52",
        "status": "affected",
        "version": "4.19",
        "versionType": "custom"
      },
      {
        "lessThan": "5.1.11",
        "status": "affected",
        "version": "5.1",
        "versionType": "custom"
      }
    ]
  }
]

References

packetstormsecurity.com/files/153346/Kernel-Live-Patch-Security-Notice-LSN-0052-1.html

packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html

www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-010.txt

www.huawei.com/en/psirt/security-advisories/huawei-sa-20191225-01-kernel-en

www.openwall.com/lists/oss-security/2019/06/20/3

www.openwall.com/lists/oss-security/2019/06/28/2

www.openwall.com/lists/oss-security/2019/07/06/3

www.openwall.com/lists/oss-security/2019/07/06/4

www.openwall.com/lists/oss-security/2019/10/24/1

www.openwall.com/lists/oss-security/2019/10/29/3

www.vmware.com/security/advisories/VMSA-2019-0010.html

access.redhat.com/errata/RHSA-2019:1594

access.redhat.com/errata/RHSA-2019:1602

access.redhat.com/errata/RHSA-2019:1699

access.redhat.com/security/vulnerabilities/tcpsack

cert-portal.siemens.com/productcert/pdf/ssa-462066.pdf

git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=3b4929f65b0d8249f19a50245cd88ed1a2f78cff

github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md

kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44193

kc.mcafee.com/corporate/index?page=content&id=SB10287

psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0006

security.netapp.com/advisory/ntap-20190625-0001/

support.f5.com/csp/article/K78234183

wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SACKPanic

www.kb.cert.org/vuls/id/905115

www.oracle.com/security-alerts/cpujan2020.html

www.oracle.com/security-alerts/cpuoct2020.html

www.synology.com/security/advisory/Synology_SA_19_28

www.us-cert.gov/ics/advisories/icsa-19-253-03

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

7.4

Confidence

High

EPSS

0.972

Percentile

99.8%

JSON

CVE-2019-11477

Affected configurations

CNA Affected

References

Related