Attacker Value
Very Low
(2 users assessed)
Exploitability
Moderate
(2 users assessed)
User Interaction
Unknown
Privileges Required
Unknown
Attack Vector
Unknown
0

TCP SACK PANIC

Last updated February 13, 2020
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

A Linux kernel vulnerability in TCP networking could allow DoS

CVE-2019-11477 is considered an Important severity, whereas CVE-2019-11478 and CVE-2019-11479 are considered a Moderate severity. The first two are related to the Selective Acknowledgement (SACK) packets combined with Maximum Segment Size (MSS), the third solely with the Maximum Segment Size (MSS).

Vulnerable code exists in https://github.com/torvalds/linux/blob/master/include/linux/skbuff.h

This might stick around in various embedded hardware, which could be more disasterous if DoS’ed, but it’s too early to tell.

Add Assessment

1
Ratings
Technical Analysis

Because this is a kernel panic, it is only useful if your goal is to take the host offline. Because DOS attacks are less useful overall to an attacker than RCE, LFI, or anything useful really, these vulnerabilities are not useful to have in your toolkit.

1
Ratings
  • Attacker Value
    Very Low
Technical Analysis

Likely a dud, but it’s worth watching if this turns from a DoS to an RCE.

General Information

Additional Info

Technical Analysis