Attacker Value
Very Low
(2 users assessed)
Exploitability
Moderate
(2 users assessed)
User Interaction
Unknown
Privileges Required
Unknown
Attack Vector
Unknown
0

TCP SACK PANIC

Last updated February 13, 2020
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

A Linux kernel vulnerability in TCP networking could allow DoS

CVE-2019-11477 is considered an Important severity, whereas CVE-2019-11478 and CVE-2019-11479 are considered a Moderate severity. The first two are related to the Selective Acknowledgement (SACK) packets combined with Maximum Segment Size (MSS), the third solely with the Maximum Segment Size (MSS).

Vulnerable code exists in https://github.com/torvalds/linux/blob/master/include/linux/skbuff.h

This might stick around in various embedded hardware, which could be more disasterous if DoS’ed, but it’s too early to tell.

Add Assessment

1
Ratings
  • Attacker Value
    Very Low
  • Exploitability
    Medium
Common in enterpriseVulnerable in default configurationNo useful access
Technical Analysis

Because this is a kernel panic, it is only useful if your goal is to take the host offline. Because DOS attacks are less useful overall to an attacker than RCE, LFI, or anything useful really, these vulnerabilities are not useful to have in your toolkit.

Log in to Add Reply
1
Ratings
  • Attacker Value
    Very Low
Technical Analysis

Likely a dud, but it’s worth watching if this turns from a DoS to an RCE.

Log in to Add Reply

General Information

Offensive Application
remote
Utility Class
other
Ports
Unknown
OS
Linux, RHEL
Vulnerable Versions
Unknown
Prerequisites
Unknown
Discovered By
Jonathan Looney (Netflix Information Security)
PoC Author
Unknown
Metasploit Module
Unknown
Reporter
Unknown

Additional Info

Authenticated
Never
Exploitable
Unknown
Reliability
Unknown
Stability
Unknown
Available Mitigations
Very Strong
Shelf Life
Unknown
Userbase/Installbase
Unknown
Patch Effectiveness
Unknown
Technical Analysis