0.003 Low
EPSS
Percentile
71.3%
A flaw was found in the way the Linux kernel derived the IP ID field from a partial kernel space address returned by a net_hash_mix() function. A remote user could observe a weak IP ID generation in this field to track Linux devices.
arxiv.org/pdf/1906.10478.pdf
bugzilla.redhat.com/show_bug.cgi?id=1729931
nvd.nist.gov/vuln/detail/CVE-2019-10638
www.cve.org/CVERecord?id=CVE-2019-10638