Siemens Industrial Products Integer Overflow or Wraparound or Uncontrolled Resource Consumption (ICSA-19-253-03)

The kernel of the listed devices is affected by an integer overflow when handling TCP Selective Acknowledgements, which could allow a remote attacker to cause a denial-of-service condition. Also, a remote attacker sending specially crafted TCP Selective Acknowledgment (SACK) sequences may cause a denial-of-service condition. And, finally, an attacker may exploit a vulnerability in the TCP retransmission queue when handling SACK to cause a denial-of-service condition.