what you don't know can hurt you
Showing 1 - 19 of 19 RSS Feed

CVE-2019-11479

Status Candidate

Overview

Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. This allows a remote peer to fragment TCP resend queues significantly more than if a larger MSS were enforced. A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commits 967c05aee439e6e5d7d805e195b3a20ef5c433d6 and 5f3e2bf008c2221478101ee72f5cb4654b9fc363.

Related Files

Red Hat Security Advisory 2019-1699-01
Posted Jul 8, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1699-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2019-10161, CVE-2019-10166, CVE-2019-10167, CVE-2019-10168, CVE-2019-11477, CVE-2019-11478, CVE-2019-11479
SHA-256 | d22eb754fb8254f68a8d336dc7f00edae903b9adbc16438840fac6e3bedc813f
Ubuntu Security Notice USN-4041-1
Posted Jun 28, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4041-1 - USN-4017-1 fixed vulnerabilities in the Linux kernel for Ubuntu. Unfortunately, the update introduced a regression that interfered with networking applications that setup very low SO_SNDBUF values. This update fixes the problem. Jonathan Looney discovered that the Linux kernel could be coerced into segmenting responses into multiple TCP segments. A remote attacker could construct an ongoing sequence of requests to cause a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, tcp, vulnerability
systems | linux, ubuntu
advisories | CVE-2019-11479
SHA-256 | 38c17aacbb7b32c138b118b5a4022a5ed59168bcf511fb1f084a35b7d0a6e202
Ubuntu Security Notice USN-4041-2
Posted Jun 28, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4041-2 - USN-4041-1 provided updates for the Linux kernel in Ubuntu. This update provides the corresponding updates for the Linux kernel for Ubuntu 16.04 ESM. USN-4017-2 fixed vulnerabilities in the Linux kernel. Unfortunately, the update introduced a regression that interfered with networking applications that setup very low SO_SNDBUF values. This update fixes the problem. Various other issues were also addressed.

tags | advisory, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2019-11479
SHA-256 | c7d4a3aaf64ac902122bdf9096c8ee39c4b00b7f851ae0fa3d01c3b2b30e7b7b
Red Hat Security Advisory 2019-1602-01
Posted Jun 25, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1602-01 - The kernel-alt packages provide the Linux kernel version 4.x. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, kernel
systems | linux, redhat
advisories | CVE-2019-11477, CVE-2019-11478, CVE-2019-11479
SHA-256 | 44681c017f6cb6453545b8a6d66047878734200ddb425c65cba895080004b65a
Red Hat Security Advisory 2019-1594-01
Posted Jun 25, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1594-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2019-11477, CVE-2019-11478, CVE-2019-11479
SHA-256 | 42cc94d32edd63d60d4201b04d197d324050b9d1d3c45b0f2c6a12cc47a4bf7f
Debian Security Advisory 4465-1
Posted Jun 19, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4465-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2019-10126, CVE-2019-11477, CVE-2019-11478, CVE-2019-11479, CVE-2019-11486, CVE-2019-11599, CVE-2019-11815, CVE-2019-11833, CVE-2019-11884, CVE-2019-3846, CVE-2019-5489, CVE-2019-9500, CVE-2019-9503
SHA-256 | 6462989fedaf07301b47a2563bc368b80ca7dfd5c7c7901bf9c00004dffd9a54
Linux / FreeBSD TCP-Based Denial Of Service
Posted Jun 18, 2019
Authored by Jonathan Looney | Site netflix.com

Netflix has identified several TCP networking vulnerabilities in FreeBSD and Linux kernels. The vulnerabilities specifically relate to the minimum segment size (MSS) and TCP Selective Acknowledgement (SACK) capabilities. The most serious, dubbed _"SACK Panic_," allows a remotely-triggered kernel panic on recent Linux kernels. There are patches that address most of these vulnerabilities. If patches can not be applied, certain mitigations will be effective.

tags | advisory, kernel, tcp, vulnerability
systems | linux, freebsd, bsd
advisories | CVE-2019-11477, CVE-2019-11478, CVE-2019-11479, CVE-2019-5599
SHA-256 | 2842c96d7b20ef5dfb0f2ea06c76a1334026b1cbd1953a2b31793af5c8fa3ba7
Red Hat Security Advisory 2019-1487-01
Posted Jun 18, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1487-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, kernel
systems | linux, redhat
advisories | CVE-2018-1000004, CVE-2018-7566, CVE-2019-11477, CVE-2019-11478, CVE-2019-11479
SHA-256 | 0d2aaa315473f7fa3a1600801f003ad4d585fa316b9020702470ab42aa378bd8
Red Hat Security Advisory 2019-1480-01
Posted Jun 18, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1480-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include denial of service and null pointer vulnerabilities.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2019-11477, CVE-2019-11478, CVE-2019-11479, CVE-2019-9213
SHA-256 | c97e7d7b7daed86df070782d936f28a68af605c9244804de5e179400e81ca993
Red Hat Security Advisory 2019-1486-01
Posted Jun 18, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1486-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, kernel
systems | linux, redhat
advisories | CVE-2019-11477, CVE-2019-11478, CVE-2019-11479
SHA-256 | 3b19d9f90b3322583fe432930185cc3333492df8f763d78f061e16cce38059d8
Red Hat Security Advisory 2019-1484-01
Posted Jun 18, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1484-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, kernel
systems | linux, redhat
advisories | CVE-2019-11477, CVE-2019-11478, CVE-2019-11479
SHA-256 | 3d44d46f20f4b63aab3926091c4a7283983615692caed360939015cc0501c44e
Red Hat Security Advisory 2019-1490-01
Posted Jun 18, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1490-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, kernel
systems | linux, redhat
advisories | CVE-2019-11477, CVE-2019-11478, CVE-2019-11479, CVE-2019-3896
SHA-256 | 8ff8a4848bb7ccf144f2c1a413bac038475598248dcae1cd4b41d6039ff19148
Red Hat Security Advisory 2019-1485-01
Posted Jun 18, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1485-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, kernel
systems | linux, redhat
advisories | CVE-2019-11477, CVE-2019-11478, CVE-2019-11479
SHA-256 | d2d4b02a2eb600606a322cd02179cf3900afb40269dbf46e0d969667deee3520
Red Hat Security Advisory 2019-1489-01
Posted Jun 18, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1489-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, kernel
systems | linux, redhat
advisories | CVE-2019-11477, CVE-2019-11478, CVE-2019-11479, CVE-2019-3896
SHA-256 | 45b0b86f0772a80cc1b08646f305ac44ef788c7c7d7a00cea44bafbdd0d9212c
Red Hat Security Advisory 2019-1483-01
Posted Jun 17, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1483-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, kernel
systems | linux, redhat
advisories | CVE-2018-1000004, CVE-2018-7566, CVE-2019-11477, CVE-2019-11478, CVE-2019-11479
SHA-256 | 1a217d5cefbb5641eb992dc6b0dcebb39c2cfb20983cf620352b394e13385350
Red Hat Security Advisory 2019-1482-01
Posted Jun 17, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1482-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, kernel
systems | linux, redhat
advisories | CVE-2019-11477, CVE-2019-11478, CVE-2019-11479
SHA-256 | 3c26d4933de700ed32008fe232bf0b5b481901ed98030cd7f187ee8bd9089962
Red Hat Security Advisory 2019-1481-01
Posted Jun 17, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1481-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, kernel
systems | linux, redhat
advisories | CVE-2019-11477, CVE-2019-11478, CVE-2019-11479
SHA-256 | 6cfbd3f8626c8697fb5f0b62389cf6843e06ee0a60d5467b234d8a9835929288
Red Hat Security Advisory 2019-1488-01
Posted Jun 17, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1488-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, kernel
systems | linux, redhat
advisories | CVE-2019-11477, CVE-2019-11478, CVE-2019-11479, CVE-2019-3896
SHA-256 | 36497ea43fe2cdf62445777995772c09d638c95ec67c2d50cc020453b75700e3
Red Hat Security Advisory 2019-1479-01
Posted Jun 17, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1479-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include denial of service and null pointer vulnerabilities.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2019-11477, CVE-2019-11478, CVE-2019-11479, CVE-2019-9213
SHA-256 | 97113cfbe30fbceebe6aa05a8dc231cec04e7b0aa68aa9598e713c3f798a8800
Page 1 of 1
Back1Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    6 Files
  • 24
    May 24th
    19 Files
  • 25
    May 25th
    5 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close