Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. This allows a remote peer to fragment TCP resend queues significantly more than if a larger MSS were enforced. A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commits 967c05aee439e6e5d7d805e195b3a20ef5c433d6 and 5f3e2bf008c2221478101ee72f5cb4654b9fc363.

OSVersionArchitecturePackageVersionFilename
Debian12alllinux< 4.19.37-4linux_4.19.37-4_all.deb
Debian11alllinux< 4.19.37-4linux_4.19.37-4_all.deb
Debian999alllinux< 4.19.37-4linux_4.19.37-4_all.deb
Debian13alllinux< 4.19.37-4linux_4.19.37-4_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	12	all	linux	< 4.19.37-4	linux_4.19.37-4_all.deb
Debian	11	all	linux	< 4.19.37-4	linux_4.19.37-4_all.deb
Debian	999	all	linux	< 4.19.37-4	linux_4.19.37-4_all.deb
Debian	13	all	linux	< 4.19.37-4	linux_4.19.37-4_all.deb

nvd 1

nessus 69

cvelist 1

ubuntu 2

redhatcve 1

veracode 1

cloudfoundry 2

ubuntucve 1

cve 1

ibm 21

ics 2

openvas 30

f5 1

prion 1

citrix 1

archlinux 4

redhat 15

fedora 2

arista 1

oraclelinux 10

myhack58 1

mscve 1

fortinet 1

attackerkb 1

centos 2

amazon 2

checkpoint_security 1

threatpost 2

virtuozzo 2

zdt 1

cert 1

mageia 3

paloalto 1

symantec 1

qualysblog 1

debian 4

osv 3

suse 1

photon 3

nvd

CVE-2019-11479

2019-06-19 00:15:12

nessus

Siemens Industrial Products Uncontrolled Resource Consumption (CVE-2019-11479)

2023-12-22 00:00:00

Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel update (USN-4041-1)

2019-07-01 00:00:00

F5 Networks BIG-IP : Excess resource consumption due to low MSS values vulnerability (K35421172)

2019-09-25 00:00:00

cvelist

CVE-2019-11479

2019-06-17 00:00:00

ubuntu

Linux kernel (HWE) update

2019-06-29 00:00:00

Linux kernel update

2019-06-29 00:00:00

redhatcve

CVE-2019-11479

2019-11-12 09:00:43

veracode

Denial Of Service (DoS)

2019-06-24 00:20:43

cloudfoundry

USN-4041-1: Linux kernel update | Cloud Foundry

2019-07-29 00:00:00

USN-4041-2: Linux kernel (HWE) update | Cloud Foundry

2019-08-29 00:00:00

ubuntucve

CVE-2019-11479

2019-06-17 00:00:00

cve

CVE-2019-11479

2019-06-19 00:15:12

ibm

Security Bulletin: IBM API Connect V5 is vulnerable to denial of service (CVE-2019-11479)

2020-11-09 20:11:12

Security Bulletin: IBM QRadar Network Security is affected by Linux kernel vulnerabilities (CVE-2019-11479, CVE-2019-11478, CVE-2019-11477)

2019-10-07 06:57:28

Security Bulletin: IBM Cloud Kubernetes Service is affected by Linux Kernel security vulnerabilities (CVE-2019-11477, CVE-2019-11478, CVE-2019-11479)

2019-07-19 18:05:02

ics

BD Alaris PCU (Update A)

2021-03-15 12:00:00

Siemens Industrial Products (Update R)

2022-05-12 12:00:00

openvas

Ubuntu: Security Advisory (USN-4041-2)

2022-08-26 00:00:00

Ubuntu: Security Advisory (USN-4041-1)

2019-06-30 00:00:00

Fedora Update for kernel-headers FEDORA-2019-6c3d89b3d0

2019-06-19 00:00:00

K35421172 : Excess resource consumption due to low MSS values vulnerability CVE-2019-11479

2019-06-19 00:00:00

prion

Hardcoded credentials

2019-06-19 00:15:00

citrix

Citrix SD-WAN Security Update

2019-09-11 04:00:00

archlinux

[ASA-201906-12] linux-hardened: denial of service

2019-06-17 00:00:00

[ASA-201906-13] linux: denial of service

2019-06-18 00:00:00

[ASA-201906-14] linux-lts: denial of service

2019-06-18 00:00:00

redhat

(RHSA-2019:1484) Important: kernel security and bug fix update

2019-06-17 19:12:10

(RHSA-2019:1485) Important: kernel security and bug fix update

2019-06-17 19:12:21

(RHSA-2019:1481) Important: kernel security update

2019-06-17 17:31:05

fedora

[SECURITY] Fedora 29 Update: kernel-headers-5.1.11-200.fc29

2019-06-18 21:19:41

[SECURITY] Fedora 30 Update: kernel-headers-5.1.11-300.fc30

2019-06-18 18:15:45

arista

Security Advisory 0041

2019-06-26 00:00:00

oraclelinux

Unbreakable Enterprise kernel security update

2019-06-17 00:00:00

kernel security update

2019-06-18 00:00:00

Unbreakable Enterprise kernel security update

2019-06-17 00:00:00

myhack58

CVE-2019-11477: Linux kernel TCP SACK mechanism remote Dos early warning analysis-vulnerability warning-the black bar safety net

2019-06-19 00:00:00

mscve

Linux Kernel TCP SACK Denial of Service Vulnerability

2019-06-28 07:00:00

fortinet

TCP SACK panic attack- Linux Kernel Vulnerabilities- CVE-2019-11477, CVE-2019-11478 & CVE-2019-11479

2019-11-29 00:00:00

attackerkb

TCP SACK PANIC

2020-02-13 00:00:00

centos

bpftool, kernel, perf, python security update

2019-06-19 00:21:01

kernel, perf, python security update

2019-06-19 00:19:05

amazon

Critical: kernel

2019-06-13 21:37:00

Critical: kernel

2019-06-13 22:11:00

checkpoint_security

Check Point response to TCP SACK PANIC - Linux Kernel vulnerabilities - CVE-2019-11477, CVE-2019-11478 and CVE-2019-11479

2019-06-18 05:16:31

threatpost

Linux Kernel Bug Knocks PCs, IoT Gadgets and More Offline

2019-06-18 18:43:50

Microsoft Patches A Pair of Zero-Days Under Active Attack

2019-07-09 20:04:36

virtuozzo

Important kernel security update: New kernel 2.6.32-042stab139.1; Virtuozzo 6.0 Update 12 Hotfix 43 (6.0.12-3743)

2019-06-20 00:00:00

Important kernel security update: New kernel 2.6.32-042stab139.1 for Virtuozzo Containers for Linux 4.7, Server Bare Metal 5.0

2019-06-20 00:00:00

zdt

Linux / FreeBSD TCP-Based Denial Of Service Vulnerability

2019-06-18 00:00:00

cert

Multiple TCP Selective Acknowledgement (SACK) and Maximum Segment Size (MSS) networking vulnerabilities may cause denial-of-service conditions in Linux and FreeBSD kernels

2019-06-20 00:00:00

mageia

Updated kernel packages fix security vulnerability

2019-06-21 04:07:01

Updated kernel-tmb packages fix security vulnerability

2019-06-21 04:07:01

Updated kernel-linus packages fix security vulnerability

2019-06-21 04:07:01

paloalto

Information about TCP SACK Panic Findings in PAN-OS

2019-06-27 00:00:00

symantec

Linux Kernel Vulnerabilities May-June 2019

2019-09-05 08:00:00

qualysblog

July 2019 Patch Tuesday – 77 Vulns, 15 Critical, DHCP RCE, Exploited PrivEsc, SQL, Adobe Vulns

2019-07-09 18:12:39

debian

[SECURITY] [DLA 1823-1] linux security update

2019-06-17 23:42:52

[SECURITY] [DSA 4465-1] linux security update

2019-06-17 18:00:31

[SECURITY] [DSA 4465-1] linux security update

2019-06-17 18:00:31

osv

linux - security update

2019-06-17 00:00:00

linux - security update

2019-06-17 00:00:00

linux-4.9 - security update

2019-06-17 00:00:00

suse

Security update for the Linux Kernel (important)

2019-06-18 00:00:00

photon

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2019-1.0-0240

2019-06-20 00:00:00

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2019-2.0-0165

2019-06-20 00:00:00

Critical Photon OS Security Update - PHSA-2019-0240

2019-06-20 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.974

Percentile

99.9%

JSON

Related for DEBIANCVE:CVE-2019-11479