CVE-2019-11478 : Jonathan Looney discovered that the TCP retransmission queue implementation in t

Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit f070ef2ac66716357066b683fb0baf55f8191a2e.

Published 2019-06-19 00:15:13

Updated 2024-02-27 21:04:18

Source Canonical Ltd.

View at NVD, CVE.org

Vulnerability category: Denial of service

Products affected by CVE-2019-11478

Redhat » Enterprise Linux » Version: 6.0
cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux » Version: 7.0
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux » Version: 5.0
cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux » Version: 8.0
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Eus » Version: 7.4
cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Eus » Version: 7.5
cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Aus » Version: 6.6
cpe:2.3:o:redhat:enterprise_linux_aus:6.6:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Aus » Version: 6.5
cpe:2.3:o:redhat:enterprise_linux_aus:6.5:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Atomic Host » Version: N/A
cpe:2.3:a:redhat:enterprise_linux_atomic_host:-:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Mrg » Version: 2.0
cpe:2.3:o:redhat:enterprise_mrg:2.0:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions before (<) 4.4.182
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 4.15 and before (<) 4.19.52
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 4.5 and before (<) 4.9.182
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 4.20 and before (<) 5.1.11
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 4.10 and before (<) 4.14.127
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Local Traffic Manager
Versions from including (>=) 12.1.0 and up to, including, (<=) 12.1.4
cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Local Traffic Manager
Versions from including (>=) 13.1.0 and up to, including, (<=) 13.1.1
cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Local Traffic Manager
Versions from including (>=) 11.5.2 and up to, including, (<=) 11.6.4
cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Local Traffic Manager
Versions from including (>=) 14.0.0 and up to, including, (<=) 14.1.0
cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Local Traffic Manager » Version: 15.0.0
cpe:2.3:a:f5:big-ip_local_traffic_manager:15.0.0:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Global Traffic Manager
Versions from including (>=) 14.0.0 and up to, including, (<=) 14.1.0
cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Global Traffic Manager
Versions from including (>=) 11.5.2 and up to, including, (<=) 11.6.4
cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Global Traffic Manager
Versions from including (>=) 12.1.0 and up to, including, (<=) 12.1.4
cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Global Traffic Manager
Versions from including (>=) 13.1.0 and up to, including, (<=) 13.1.1
cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Global Traffic Manager » Version: 15.0.0
cpe:2.3:a:f5:big-ip_global_traffic_manager:15.0.0:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Application Security Manager
Versions from including (>=) 11.5.2 and up to, including, (<=) 11.6.4
cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Application Security Manager
Versions from including (>=) 14.0.0 and up to, including, (<=) 14.1.0
cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Application Security Manager
Versions from including (>=) 12.1.0 and up to, including, (<=) 12.1.4
cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Application Security Manager
Versions from including (>=) 13.1.0 and up to, including, (<=) 13.1.1
cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Application Security Manager » Version: 15.0.0
cpe:2.3:a:f5:big-ip_application_security_manager:15.0.0:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Access Policy Manager
Versions from including (>=) 13.1.0 and up to, including, (<=) 13.1.1
cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Access Policy Manager
Versions from including (>=) 11.5.2 and up to, including, (<=) 11.6.4
cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Access Policy Manager
Versions from including (>=) 12.1.0 and up to, including, (<=) 12.1.4
cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Access Policy Manager
Versions from including (>=) 14.0.0 and up to, including, (<=) 14.1.0
cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Access Policy Manager » Version: 15.0.0
cpe:2.3:a:f5:big-ip_access_policy_manager:15.0.0:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Webaccelerator
Versions from including (>=) 12.1.0 and up to, including, (<=) 12.1.4
cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Webaccelerator
Versions from including (>=) 14.0.0 and up to, including, (<=) 14.1.0
cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Webaccelerator
Versions from including (>=) 13.1.0 and up to, including, (<=) 13.1.1
cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Webaccelerator
Versions from including (>=) 11.5.2 and up to, including, (<=) 11.6.4
cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Webaccelerator » Version: 15.0.0
cpe:2.3:a:f5:big-ip_webaccelerator:15.0.0:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Edge Gateway
Versions from including (>=) 11.5.2 and up to, including, (<=) 11.6.4
cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Edge Gateway
Versions from including (>=) 12.1.0 and up to, including, (<=) 12.1.4
cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Edge Gateway
Versions from including (>=) 14.0.0 and up to, including, (<=) 14.1.0
cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Edge Gateway
Versions from including (>=) 13.1.0 and up to, including, (<=) 13.1.1
cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Edge Gateway » Version: 15.0.0
cpe:2.3:a:f5:big-ip_edge_gateway:15.0.0:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Link Controller
Versions from including (>=) 12.1.0 and up to, including, (<=) 12.1.4
cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Link Controller
Versions from including (>=) 11.5.2 and up to, including, (<=) 11.6.4
cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Link Controller
Versions from including (>=) 13.1.0 and up to, including, (<=) 13.1.1
cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Link Controller
Versions from including (>=) 14.0.0 and up to, including, (<=) 14.1.0
cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Link Controller » Version: 15.0.0
cpe:2.3:a:f5:big-ip_link_controller:15.0.0:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Analytics
Versions from including (>=) 11.5.2 and up to, including, (<=) 11.6.4
cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Analytics
Versions from including (>=) 13.1.0 and up to, including, (<=) 13.1.1
cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Analytics
Versions from including (>=) 14.0.0 and up to, including, (<=) 14.1.0
cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Analytics
Versions from including (>=) 12.1.0 and up to, including, (<=) 12.1.4
cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Analytics » Version: 15.0.0
cpe:2.3:a:f5:big-ip_analytics:15.0.0:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Application Acceleration Manager
Versions from including (>=) 13.1.0 and up to, including, (<=) 13.1.1
cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Application Acceleration Manager
Versions from including (>=) 14.0.0 and up to, including, (<=) 14.1.0
cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Application Acceleration Manager
Versions from including (>=) 12.1.0 and up to, including, (<=) 12.1.4
cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Application Acceleration Manager
Versions from including (>=) 11.5.2 and up to, including, (<=) 11.6.4
cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Application Acceleration Manager » Version: 15.0.0
cpe:2.3:a:f5:big-ip_application_acceleration_manager:15.0.0:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Advanced Firewall Manager
Versions from including (>=) 14.0.0 and up to, including, (<=) 14.1.0
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Advanced Firewall Manager
Versions from including (>=) 11.5.2 and up to, including, (<=) 11.6.4
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Advanced Firewall Manager
Versions from including (>=) 13.1.0 and up to, including, (<=) 13.1.1
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Advanced Firewall Manager
Versions from including (>=) 12.1.0 and up to, including, (<=) 12.1.4
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Advanced Firewall Manager » Version: 15.0.0
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:15.0.0:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Policy Enforcement Manager
Versions from including (>=) 14.0.0 and up to, including, (<=) 14.1.0
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Policy Enforcement Manager
Versions from including (>=) 12.1.0 and up to, including, (<=) 12.1.4
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Policy Enforcement Manager
Versions from including (>=) 13.1.0 and up to, including, (<=) 13.1.1
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Policy Enforcement Manager
Versions from including (>=) 11.5.2 and up to, including, (<=) 11.6.4
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Policy Enforcement Manager » Version: 15.0.0
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:15.0.0:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Domain Name System
Versions from including (>=) 14.0.0 and up to, including, (<=) 14.1.0
cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Domain Name System
Versions from including (>=) 13.1.0 and up to, including, (<=) 13.1.1
cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Domain Name System
Versions from including (>=) 11.5.2 and up to, including, (<=) 11.6.4
cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Domain Name System
Versions from including (>=) 12.1.0 and up to, including, (<=) 12.1.4
cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Domain Name System » Version: 15.0.0
cpe:2.3:a:f5:big-ip_domain_name_system:15.0.0:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Fraud Protection Service
Versions from including (>=) 13.1.0 and up to, including, (<=) 13.1.1
cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Fraud Protection Service
Versions from including (>=) 14.0.0 and up to, including, (<=) 14.1.0
cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Fraud Protection Service
Versions from including (>=) 11.5.2 and up to, including, (<=) 11.6.4
cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Fraud Protection Service
Versions from including (>=) 12.1.0 and up to, including, (<=) 12.1.4
cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*
Matching versions
F5 » Big-ip Fraud Protection Service » Version: 15.0.0
cpe:2.3:a:f5:big-ip_fraud_protection_service:15.0.0:*:*:*:*:*:*:*
Matching versions
F5 » Traffix Signaling Delivery Controller
Versions from including (>=) 5.0.0 and up to, including, (<=) 5.1.0
cpe:2.3:a:f5:traffix_signaling_delivery_controller:*:*:*:*:*:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 14.04 ESM Edition
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 12.04 ESM Edition
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 16.04 LTS Edition
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 18.04 LTS Edition
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 18.10
cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 19.04
cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*
Matching versions
Pulsesecure » Pulse Policy Secure » Version: N/A
cpe:2.3:a:pulsesecure:pulse_policy_secure:-:*:*:*:*:*:*:*
Matching versions
Pulsesecure » Pulse Secure Virtual Application Delivery Controller » Version: N/A
cpe:2.3:a:pulsesecure:pulse_secure_virtual_application_delivery_controller:-:*:*:*:*:*:*:*
Matching versions
Ivanti » Connect Secure » Version: N/A
cpe:2.3:a:ivanti:connect_secure:-:*:*:*:*:*:*:*
Matching versions

Threat overview for CVE-2019-11478

Top countries where our scanners detected CVE-2019-11478

Top open port discovered on systems with this issue 53

IPs affected by CVE-2019-11478 862,062

Threat actors abusing to this issue? Yes

Find out if you^* are affected by CVE-2019-11478!

^*Directly or indirectly through your vendors, service providers and 3rd parties. Powered by attack surface intelligence from SecurityScorecard.

Exploit prediction scoring system (EPSS) score for CVE-2019-11478

EPSS FAQ

27.96%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 96 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2019-11478

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
5.0	MEDIUM	AV:N/AC:L/Au:N/C:N/I:N/A:P	10.0	2.9	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: None Integrity Impact: None Availability Impact: Partial
7.5	HIGH	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H	3.9	3.6	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: None Integrity: None Availability: High
5.3	MEDIUM	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L	3.9	1.4	Canonical Ltd.
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: None Integrity: None Availability: Low

CWE ids for CVE-2019-11478

CWE-400 Uncontrolled Resource Consumption

The product does not properly control the allocation and maintenance of a limited resource.

Assigned by: nvd@nist.gov (Primary)
CWE-770 Allocation of Resources Without Limits or Throttling

The product allocates a reusable resource or group of resources on behalf of an actor without imposing any restrictions on the size or number of resources that can be allocated, in violation of the intended security policy for that actor.

Assigned by: security@ubuntu.com (Secondary)

References for CVE-2019-11478

https://www.oracle.com/security-alerts/cpujan2020.html

Oracle Critical Patch Update Advisory - January 2020

CVEs referencing this url
https://www.oracle.com/security-alerts/cpuoct2020.html

Oracle Critical Patch Update Advisory - October 2020

CVEs referencing this url
https://www.synology.com/security/advisory/Synology_SA_19_28

Synology Inc.

CVEs referencing this url
https://access.redhat.com/errata/RHSA-2019:1699

RHSA-2019:1699 - Security Advisory - Red Hat Customer Portal

CVEs referencing this url
https://security.netapp.com/advisory/ntap-20190625-0001/

Linux Kernel TCP SACK Panic Vulnerabilities in NetApp Products | NetApp Product Security

CVEs referencing this url
https://access.redhat.com/errata/RHSA-2019:1594

RHSA-2019:1594 - Security Advisory - Red Hat Customer Portal

CVEs referencing this url
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0007

SonicWall Security Advisory
http://www.openwall.com/lists/oss-security/2019/07/06/4

oss-security - Re: linux-distros membership application - Microsoft

CVEs referencing this url
https://access.redhat.com/errata/RHSA-2019:1602

RHSA-2019:1602 - Security Advisory - Red Hat Customer Portal

CVEs referencing this url
https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=f070ef2ac66716357066b683fb0baf55f8191a2e

kernel/git/davem/net.git - David Miller's networking tree
Mailing List;Patch;Vendor Advisory
https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SACKPanic

SecurityTeam/KnowledgeBase/SACKPanic - Ubuntu Wiki
Mitigation;Third Party Advisory

CVEs referencing this url
https://www.us-cert.gov/ics/advisories/icsa-19-253-03

Siemens Industrial Products (Update D) | CISA

CVEs referencing this url
http://packetstormsecurity.com/files/153346/Kernel-Live-Patch-Security-Notice-LSN-0052-1.html

Kernel Live Patch Security Notice LSN-0052-1 ≈ Packet Storm
Third Party Advisory;VDB Entry

CVEs referencing this url
https://kc.mcafee.com/corporate/index?page=content&id=SB10287

McAfee Security Bulletin – Updates for Linux kernel TCP Sad SACK vulnerability (CVE-2019-11477, CVE-2019-11478, CVE-2019-11479)

CVEs referencing this url
https://seclists.org/bugtraq/2019/Jul/30

Bugtraq: [SECURITY] [DSA 4484-1] linux security update

CVEs referencing this url
https://support.f5.com/csp/article/K26618426

Third Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-462066.pdf

CVEs referencing this url
http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html

Kernel Live Patch Security Notice LSN-0058-1 ≈ Packet Storm

CVEs referencing this url
http://www.openwall.com/lists/oss-security/2019/10/29/3

oss-security - Re: Membership application for linux-distros - VMware

CVEs referencing this url
http://www.vmware.com/security/advisories/VMSA-2019-0010.html

VMSA-2019-0010.1

CVEs referencing this url
https://access.redhat.com/security/vulnerabilities/tcpsack

TCP SACK PANIC - Kernel vulnerabilities - CVE-2019-11477, CVE-2019-11478 & CVE-2019-11479 - Red Hat Customer Portal
Third Party Advisory

CVEs referencing this url
http://packetstormsecurity.com/files/154408/Kernel-Live-Patch-Security-Notice-LSN-0055-1.html

Kernel Live Patch Security Notice LSN-0055-1 ≈ Packet Storm

CVEs referencing this url
http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-010.txt

CVEs referencing this url
http://www.openwall.com/lists/oss-security/2019/07/06/3

oss-security - Re: linux-distros membership application - Microsoft

CVEs referencing this url
https://www.kb.cert.org/vuls/id/905115

VU#905115 - Multiple TCP Selective Acknowledgement (SACK) and Maximum Segment Size (MSS) networking vulnerabilities may cause denial-of-service conditions in Linux and FreeBSD kernels

CVEs referencing this url
http://www.openwall.com/lists/oss-security/2019/06/28/2

oss-security - Re: linux-distros membership application - Microsoft

CVEs referencing this url
https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md

security-bulletins/2019-001.md at master · Netflix/security-bulletins · GitHub
Patch;Third Party Advisory

CVEs referencing this url
http://www.openwall.com/lists/oss-security/2019/10/24/1

oss-security - Membership application for linux-distros - VMware

CVEs referencing this url
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44193

Pulse Security Advisory: SA44193 - 2019-06: Out-of-Cycle Advisory: Multiple Linux Kernel and FreeBSD vulnerabilities
Third Party Advisory

CVEs referencing this url

Jump to