Show filters
2 Total Results
Displaying 1-2 of 2
Sort by:
Attacker Value
Very Low
TCP SACK PANIC
Last updated February 13, 2020
A Linux kernel vulnerability in TCP networking could allow DoS
> CVE-2019-11477 is considered an Important severity, whereas CVE-2019-11478 and CVE-2019-11479 are considered a Moderate severity. The first two are related to the Selective Acknowledgement (SACK) packets combined with Maximum Segment Size (MSS), the third solely with the Maximum Segment Size (MSS).
Vulnerable code exists in https://github.com/torvalds/linux/blob/master/include/linux/skbuff.h
This might stick around in various embedded hardware, which could be more disasterous if DoS'ed, but it's too early to tell.
0
Attacker Value
Unknown
Integer overflow in TCP_SKB_CB(skb)->tcp_gso_segs
Disclosure Date: June 19, 2019 (last updated February 28, 2024)
Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit 3b4929f65b0d8249f19a50245cd88ed1a2f78cff.
0