CVE-2019-11477

Published: 19/06/2019 Updated: 27/02/2024
CVSS v2 Base Score: 7.8 | Impact Score: 6.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 696
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Vulnerability Summary

Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit 3b4929f65b0d8249f19a50245cd88ed1a2f78cff.

Vulnerable Product

linux linux kernel

f5 big-ip advanced firewall manager

f5 big-ip advanced firewall manager 15.0.0

f5 big-ip access policy manager

f5 big-ip access policy manager 15.0.0

f5 big-ip application acceleration manager

f5 big-ip application acceleration manager 15.0.0

f5 big-ip link controller

f5 big-ip link controller 15.0.0

f5 big-ip policy enforcement manager

f5 big-ip policy enforcement manager 15.0.0

f5 big-ip webaccelerator

f5 big-ip webaccelerator 15.0.0

f5 big-ip application security manager

f5 big-ip application security manager 15.0.0

f5 big-ip local traffic manager

f5 big-ip local traffic manager 15.0.0

f5 big-ip fraud protection service

f5 big-ip fraud protection service 15.0.0

f5 big-ip global traffic manager

f5 big-ip global traffic manager 15.0.0

f5 big-ip analytics

f5 big-ip analytics 15.0.0

f5 big-ip edge gateway

f5 big-ip edge gateway 15.0.0

f5 big-ip domain name system

f5 big-ip domain name system 15.0.0

canonical ubuntu linux 16.04

canonical ubuntu linux 12.04

canonical ubuntu linux 18.04

canonical ubuntu linux 18.10

canonical ubuntu linux 19.04

canonical ubuntu linux 14.04

redhat enterprise linux 7.0

redhat enterprise linux 6.0

redhat enterprise linux aus 6.6

redhat enterprise linux 5.0

redhat enterprise linux aus 6.5

redhat enterprise linux eus 7.4

redhat enterprise linux eus 7.5

redhat enterprise linux 8.0

redhat enterprise linux atomic host -

redhat enterprise mrg 2.0

pulsesecure pulse policy secure -

pulsesecure pulse secure virtual application delivery controller -

ivanti connect secure -

f5 traffix signaling delivery controller

Vendor Advisories

Debian Bug report logs - #928989 linux-image-4.19.0-4-amd64: CVE-2019-11815 Package: src:linux; Maintainer for src:linux is Debian Kernel Team <debian-kernel@lists.debian.org>; Reported by: Jeff Cliff <jeffreycliff@gmail.com> Date: Tue, 14 May 2019 18:39:01 UTC Severity: important Tags: security Found in versions l ...
The system could be made to crash if it received specially crafted network traffic ...
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2019-3846, CVE-2019-10126: huangwen reported multiple buffer overflows in the Marvell wifi (mwifiex) driver, which a local user could use to cause denial of service or the execution of ar ...
CVE-2019-11477, CVE-2019-11478 and CVE-2019-11479 describe vulnerabilities in the Linux kernel that can be remotely exploited using a specially crafted TCP connection, crashing the targeted system. The latest Amazon Linux AMIs as available in AWS EC2 already contain these kernels and are not vulnerable ...
CVE-2019-11477, CVE-2019-11478 and CVE-2019-11479 describe vulnerabilities in the Linux kernel that can be remotely exploited using a specially crafted TCP connection, crashing the targeted system. The latest Amazon Linux 2 AMIs as available in AWS EC2 already contain these kernels and are not vulnerable ...
Synopsis: Important: kernel security, bug fix, and enhancement update. Type/Severity: Security Advisory: Important. Topic: An update for kernel is now available for Red Hat Enterprise Linux 7.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Comm ...
Synopsis: Important: kernel security and bug fix update. Type/Severity: Security Advisory: Important. Topic: An update for kernel is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support, Red Hat Enterprise Linux 7.3 Telco Extended Update Support, and Red Hat Enterprise Linux 7.3 Update Services ...
Synopsis: Important: kernel security and bug fix update. Type/Severity: Security Advisory: Important. Topic: An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) b ...
Synopsis: Important: kernel security and bug fix update. Type/Severity: Security Advisory: Important. Topic: An update for kernel is now available for Red Hat Enterprise Linux 6.6 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerabili ...
Synopsis: Important: kernel security and bug fix update. Type/Severity: Security Advisory: Important. Topic: An update for kernel is now available for Red Hat Enterprise Linux 7.2 Advanced Update Support, Red Hat Enterprise Linux 7.2 Telco Extended Update Support, and Red Hat Enterprise Linux 7.2 Update Services ...
Synopsis: Important: redhat-virtualization-host security and enhancement update. Type/Severity: Security Advisory: Important. Topic: An update for redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a sec ...
Synopsis: Important: kernel security and bug fix update. Type/Severity: Security Advisory: Important. Topic: An update for kernel is now available for Red Hat Enterprise Linux 6.5 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerabili ...
Synopsis: Important: kernel-rt security and bug fix update. Type/Severity: Security Advisory: Important. Topic: An update for kernel-rt is now available for Red Hat Enterprise MRG 2. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVS ...
Synopsis: Important: kernel-rt security update. Type/Severity: Security Advisory: Important. Topic: An update for kernel-rt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base sc ...
Synopsis: Important: kernel security and bug fix update. Type/Severity: Security Advisory: Important. Topic: An update for kernel is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) b ...
Synopsis: Important: kernel security update. Type/Severity: Security Advisory: Important. Topic: An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, w ...
Synopsis: Important: redhat-virtualization-host security update. Type/Severity: Security Advisory: Important. Topic: An update for redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this updated as having a security impact of ...
Synopsis: Important: kernel security update. Type/Severity: Security Advisory: Important. Topic: An update for kernel is now available for Red Hat Enterprise Linux 7.5 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring S ...
Synopsis: Important: kernel-rt security and bug fix update. Type/Severity: Security Advisory: Important. Topic: An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (C ...
An integer overflow has been discovered in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A sequence of SACKs may be crafted such that one can trigger a kernel panic. A remote attacker could use this to cause a denial of service (system crash) ...
PAN-SA-2019-0013 Information about TCP SACK Panic Findings in PAN-OS ...
Description of Problem: Multiple denial of service vulnerabilities have been identified in the Citrix SD-WAN Appliance and Citrix SD-WAN Center Management Console. These vulnerabilities could permit a remote attacker to cause a denial of service by causing a host crash or by causing reduced service capacity due to resource exhaustion. The vulnerabil ...
An integer overflow vulnerability was found in the way the Linux kernel's networking subsystem processed TCP Selective Acknowledgment (SACK) segments. A remote attacker could use this to cause a denial of service. (Vulnerability ID: HWPSIRT-2019-06130) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2019-11 ...

Mailing Lists

Hi all, Per our current policy and precedents, I see no valid reasons not to subscribe Microsoft (or part(s) of it, see below) to linux-distros. So I intend to figure out some detail and proceed with the subscription. The only voiced reasons not to, such as in Georgi Guninski's posting and in comments on some technology news sites that covered M ...
On Sat, Jul 06, 2019 at 09:37:37PM +0200, Solar Designer wrote: Thank you. [snip] Sure, give me a day or two to get it out. I'll cross-post LKML/ksummit-discuss/oss-security as I think it's one of those times it actually makes sense. Whatever list admins/members are comfortable with. Yes, this is tricky. Maybe "Microsoft Linux Systems G ...
On Fri, Jun 28, 2019 at 02:57:43PM +0200, Solar Designer wrote: True, but we care about more than just the kernel side of things. Can I suggest that we fork the discussion around security-bugs.rst to LKML? I can suggest an initial patch to address your comments here but I think that this is better handled on LKML. My concern with Monday is ...
Netflix has identified several TCP networking vulnerabilities in FreeBSD and Linux kernels. The vulnerabilities specifically relate to the minimum segment size (MSS) and TCP Selective Acknowledgement (SACK) capabilities. The most serious, dubbed “SACK Panic,” allows a remotely-triggered kernel panic on recent Linux kernels. There are patc ...

Github Repositories

Chef cookbook with persistent sysctl fix for TCP SACK DoS vulnerability

Fix CVE-2019-11477 SACK Panic Denial of Service. Introduction: This cookbook is a useful example of basic chef functionality. Consisting of just two components, the metadata and the recipe, it is a good example for teaching core chef concepts. Default Recipe: The default recipe sets a sysctl variable: net.ipv4.tcp_sack = 0. With SACK disabled

CVE-2019-11477-ubuntu-livepatch github kpatch 04 kpatch-build -t vmlinux ubuntu-440-62-genericpatch --skip-gcc-check kpatch load kpatch-ubuntu-4-4-0-62-generic-CVE-2019-11477ko

Articles about Linux

docLinux Resizing the root LVM partition Logging console output Redirections OOM killer mount - examples Kernel swap daemon (kswapd) Making the OOM killer ignore a process How to view active proce

Frankfurt Freifunk Firmware. Firmware Branches. Stable: The current stable firmware. The releases are based on the Git tags found at github.com/freifunk-ffm/site-ffffm/releases. If you want to build a stable firmware yourself, you have to check out the corresponding tag and build it using "/cish". RC: A release candidate firmware is a

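proj283-Automated-Security-Testing-of-Protocol-Stacks-in-OS-kernels Title: Automated Security Testing of Protocol Stacks in OS kernels. Project description: OS kernels integrate many mainstream protocol stacks, such as TCP/IP, WiFi, Bluetooth and USB, to implement data transfer and communication between devices. However, the defects of existing kernel protocol stacks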

Recent Articles

Sad SACK: Linux PCs, servers, gadgets may be crashed by 'Ping of Death' network packets
The Register • Shaun Nichols in San Francisco • 17 Jun 2019

Don't let miscreants play hacky-SACK with your gear. Apply these mitigations, patches now if you can

It is possible to crash vulnerable network-facing Linux servers, PCs, and gadgets, or slow down their network connections, by sending them a series of maliciously crafted packets. It is also possible to hamper vulnerable FreeBSD machines with the same attack. Given that Linux powers an incredible amount of stuff these days, all sorts of gear from network or internet-connected TVs, routers, thermostats, light switches, CCTV cameras, and robot vacuum cleaners, to servers, PCs, smart fridges, phone...

References

CWE-190
https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md
https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SACKPanic
https://access.redhat.com/security/vulnerabilities/tcpsack
https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=3b4929f65b0d8249f19a50245cd88ed1a2f78cff
https://support.f5.com/csp/article/K78234183
http://packetstormsecurity.com/files/153346/Kernel-Live-Patch-Security-Notice-LSN-0052-1.html
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44193
https://www.kb.cert.org/vuls/id/905115
http://www.openwall.com/lists/oss-security/2019/06/20/3
https://www.synology.com/security/advisory/Synology_SA_19_28
https://security.netapp.com/advisory/ntap-20190625-0001/
https://access.redhat.com/errata/RHSA-2019:1594
https://access.redhat.com/errata/RHSA-2019:1602
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0006
https://kc.mcafee.com/corporate/index?page=content&id=SB10287
http://www.openwall.com/lists/oss-security/2019/06/28/2
http://www.vmware.com/security/advisories/VMSA-2019-0010.html
http://www.openwall.com/lists/oss-security/2019/07/06/3
http://www.openwall.com/lists/oss-security/2019/07/06/4
https://access.redhat.com/errata/RHSA-2019:1699
https://cert-portal.siemens.com/productcert/pdf/ssa-462066.pdf
https://www.us-cert.gov/ics/advisories/icsa-19-253-03
http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html
http://www.openwall.com/lists/oss-security/2019/10/24/1
http://www.openwall.com/lists/oss-security/2019/10/29/3
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191225-01-kernel-en
https://www.oracle.com/security-alerts/cpujan2020.html
http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-010.txt
https://www.oracle.com/security-alerts/cpuoct2020.html
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=928989
https://nvd.nist.gov
https://usn.ubuntu.com/4017-2/
https://www.cisa.gov/uscert/ics/advisories/icsa-19-253-03