CVE-2019-18680

🗓️ 04 Nov 2019 15:15:00Reported by ubuntu.comType

An issue in Linux kernel 4.4.x before 4.4.195 allows NULL pointer dereference in rds_tcp_kill_sock(), causing denial of service

Reporter	Title	Published	Views	Family All 66
BDU FSTEC	The vulnerability of the rds_tcp_kill_sock() function in Linux operating systems allows a hacker to cause a service failure.	22 Jan 202000:00	–	bdu_fstec
Circl	CVE-2019-18680	4 Feb 202407:11	–	circl
CNVD	Linux kernel null pointer dereference vulnerability (CNVD-2019-42388)	5 Nov 201900:00	–	cnvd
CVE	CVE-2019-18680	4 Nov 201914:13	–	cve
Cvelist	CVE-2019-18680	4 Nov 201914:13	–	cvelist
Debian CVE	CVE-2019-18680	4 Nov 201914:13	–	debiancve
EUVD	EUVD-2019-8396	7 Oct 202500:30	–	euvd
NVD	CVE-2019-18680	4 Nov 201915:15	–	nvd
OpenVAS	SUSE: Security Advisory (SUSE-SU-2019:2984-1)	19 Apr 202100:00	–	openvas
OpenVAS	SUSE: Security Advisory (SUSE-SU-2019:3379-1)	19 Apr 202100:00	–	openvas

OS	OS Version	Architecture	Package	Package Version	Filename
Ubuntu	16.04	any	linux-aws	4.4.0-1098.109	linux-aws_4.4.0-1098.109_any.deb
Ubuntu	14.04	any	linux-aws	4.4.0-1058.62	linux-aws_4.4.0-1058.62_any.deb
Ubuntu	16.04	any	linux	4.4.0-168.197	linux_4.4.0-168.197_any.deb
Ubuntu	16.04	any	linux-kvm	4.4.0-1062.69	linux-kvm_4.4.0-1062.69_any.deb
Ubuntu	14.04	any	linux-lts-xenial	4.4.0-168.197~14.04.1	linux-lts-xenial_4.4.0-168.197~14.04.1_any.deb
Ubuntu	16.04	any	linux-raspi2	4.4.0-1125.134	linux-raspi2_4.4.0-1125.134_any.deb
Ubuntu	16.04	any	linux-snapdragon	4.4.0-1129.137	linux-snapdragon_4.4.0-1129.137_any.deb
Ubuntu	16.04	any	linux-fips	4.4.0-1025.30	linux-fips_4.4.0-1025.30_any.deb

Source	Link
lkml	www.lkml.org/lkml/2019/9/18/337
cdn	www.cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.195
git	www.git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/
github	www.github.com/torvalds/linux/commit/91573ae4aed0a49660abdad4d42f2a0db995ee5e
cve	www.cve.org/CVERecord

22 May 2026 23:01Current

7.1High risk

Vulners AI Score7.1

CVSS 3.17.5

CVSS 27.8

EPSS0.03638