Attacker Value

Unknown

0

SACK can cause extensive memory use via fragmented resend queue

0

Attacker Value

Unknown

(0 users assessed)

Exploitability

Unknown

(0 users assessed)

User Interaction

Unknown

Privileges Required

Unknown

Attack Vector

Unknown

0

SACK can cause extensive memory use via fragmented resend queue

Disclosure Date: June 19, 2019 •

MITRE ATT&CK

Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit f070ef2ac66716357066b683fb0baf55f8191a2e.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics

Data provided by the National Vulnerability Database (NVD)

Base Score:

None

Impact Score:

Unknown

Exploitability Score:

Unknown

Vector:

Attack Vector (AV):

Unknown

Attack Complexity (AC):

Unknown

Privileges Required (PR):

Unknown

User Interaction (UI):

Unknown

Scope (S):

Unknown

Confidentiality (C):

Unknown

Integrity (I):

Unknown

Availability (A):

Unknown

Vendors

Products

References

Canonical

CVE-2019-11478 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11478)

Advisory

https://support.f5.com/csp/article/K26618426

VU#905115 (https://www.kb.cert.org/vuls/id/905115)

https://www.synology.com/security/advisory/Synology_SA_19_28

https://security.netapp.com/advisory/ntap-20190625-0001

https://access.redhat.com/errata/RHSA-2019:1594

https://access.redhat.com/errata/RHSA-2019:1602

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0007

https://kc.mcafee.com/corporate/index?page=content&id=SB10287

[oss-security] 20190628 Re: linux-distros membership application - Microsoft (http://www.openwall.com/lists/oss-security/2019/06/28/2)

http://www.vmware.com/security/advisories/VMSA-2019-0010.html

[oss-security] 20190706 Re: linux-distros membership application - Microsoft (http://www.openwall.com/lists/oss-security/2019/07/06/3)

[oss-security] 20190706 Re: linux-distros membership application - Microsoft (http://www.openwall.com/lists/oss-security/2019/07/06/4)

https://access.redhat.com/errata/RHSA-2019:1699

20190722 [SECURITY] [DSA 4484-1] linux security update (https://seclists.org/bugtraq/2019/Jul/30)

https://cert-portal.siemens.com/productcert/pdf/ssa-462066.pdf

[oss-security] 20191023 Membership application for linux-distros - VMware (http://www.openwall.com/lists/oss-security/2019/10/24/1)

[oss-security] 20191029 Re: Membership application for linux-distros - VMware (http://www.openwall.com/lists/oss-security/2019/10/29/3)

http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-010.txt

https://security.netapp.com/advisory/ntap-20190625-0001/

Miscellaneous

https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md

https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SACKPanic

https://access.redhat.com/security/vulnerabilities/tcpsack

https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit?id=f070ef2ac66716357066b683fb0baf55f8191a2e

http://packetstormsecurity.com/files/153346/Kernel-Live-Patch-Security-Notice-LSN-0052-1.html

https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44193

http://packetstormsecurity.com/files/154408/Kernel-Live-Patch-Security-Notice-LSN-0055-1.html

https://www.us-cert.gov/ics/advisories/icsa-19-253-03

http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html

https://www.oracle.com/security-alerts/cpujan2020.html

https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=f070ef2ac66716357066b683fb0baf55f8191a2e

https://www.oracle.com/security-alerts/cpuoct2020.html

Rapid7

Technical Analysis