GSD-2019-11477
Vulnerability from gsd - Updated: 2023-12-13 01:24Details
Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit 3b4929f65b0d8249f19a50245cd88ed1a2f78cff.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2019-11477",
"description": "Jonathan Looney discovered that the TCP_SKB_CB(skb)-\u003etcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit 3b4929f65b0d8249f19a50245cd88ed1a2f78cff.",
"id": "GSD-2019-11477",
"references": [
"https://www.suse.com/security/cve/CVE-2019-11477.html",
"https://www.debian.org/security/2019/dsa-4465",
"https://access.redhat.com/errata/RHSA-2019:1699",
"https://access.redhat.com/errata/RHSA-2019:1602",
"https://access.redhat.com/errata/RHSA-2019:1594",
"https://access.redhat.com/errata/RHSA-2019:1490",
"https://access.redhat.com/errata/RHSA-2019:1489",
"https://access.redhat.com/errata/RHSA-2019:1488",
"https://access.redhat.com/errata/RHSA-2019:1487",
"https://access.redhat.com/errata/RHSA-2019:1486",
"https://access.redhat.com/errata/RHSA-2019:1485",
"https://access.redhat.com/errata/RHSA-2019:1484",
"https://access.redhat.com/errata/RHSA-2019:1483",
"https://access.redhat.com/errata/RHSA-2019:1482",
"https://access.redhat.com/errata/RHSA-2019:1481",
"https://access.redhat.com/errata/RHSA-2019:1480",
"https://access.redhat.com/errata/RHSA-2019:1479",
"https://ubuntu.com/security/CVE-2019-11477",
"https://advisories.mageia.org/CVE-2019-11477.html",
"https://security.archlinux.org/CVE-2019-11477",
"https://alas.aws.amazon.com/cve/html/CVE-2019-11477.html",
"https://linux.oracle.com/cve/CVE-2019-11477.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2019-11477"
],
"details": "Jonathan Looney discovered that the TCP_SKB_CB(skb)-\u003etcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit 3b4929f65b0d8249f19a50245cd88ed1a2f78cff.",
"id": "GSD-2019-11477",
"modified": "2023-12-13T01:24:02.386478Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"AKA": "SACK Panic",
"ASSIGNER": "security@ubuntu.com",
"DATE_PUBLIC": "2019-06-17T00:00:00.000Z",
"ID": "CVE-2019-11477",
"STATE": "PUBLIC",
"TITLE": "Integer overflow in TCP_SKB_CB(skb)-\u003etcp_gso_segs"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Linux kernel",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "4.4",
"version_value": "4.4.182"
},
{
"version_affected": "\u003c",
"version_name": "4.9",
"version_value": "4.9.182"
},
{
"version_affected": "\u003c",
"version_name": "4.14",
"version_value": "4.14.127"
},
{
"version_affected": "\u003c",
"version_name": "4.19",
"version_value": "4.19.52"
},
{
"version_affected": "\u003c",
"version_name": "5.1",
"version_value": "5.1.11"
}
]
}
}
]
},
"vendor_name": "Linux"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Jonathan Looney from Netflix"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Jonathan Looney discovered that the TCP_SKB_CB(skb)-\u003etcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit 3b4929f65b0d8249f19a50245cd88ed1a2f78cff."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.7"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-190 Integer Overflow or Wraparound"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#905115",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/905115"
},
{
"name": "[oss-security] 20190620 Re: Linux and FreeBSD Kernel: Multiple TCP-based remote denial of service issues",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2019/06/20/3"
},
{
"name": "RHSA-2019:1594",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:1594"
},
{
"name": "RHSA-2019:1602",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:1602"
},
{
"name": "[oss-security] 20190628 Re: linux-distros membership application - Microsoft",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2019/06/28/2"
},
{
"name": "[oss-security] 20190706 Re: linux-distros membership application - Microsoft",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2019/07/06/3"
},
{
"name": "[oss-security] 20190706 Re: linux-distros membership application - Microsoft",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2019/07/06/4"
},
{
"name": "RHSA-2019:1699",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:1699"
},
{
"name": "[oss-security] 20191023 Membership application for linux-distros - VMware",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2019/10/24/1"
},
{
"name": "[oss-security] 20191029 Re: Membership application for linux-distros - VMware",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2019/10/29/3"
},
{
"name": "https://www.oracle.com/security-alerts/cpujan2020.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpujan2020.html"
},
{
"name": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=3b4929f65b0d8249f19a50245cd88ed1a2f78cff",
"refsource": "MISC",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=3b4929f65b0d8249f19a50245cd88ed1a2f78cff"
},
{
"name": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md",
"refsource": "MISC",
"url": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md"
},
{
"name": "https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SACKPanic",
"refsource": "MISC",
"url": "https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SACKPanic"
},
{
"name": "https://access.redhat.com/security/vulnerabilities/tcpsack",
"refsource": "MISC",
"url": "https://access.redhat.com/security/vulnerabilities/tcpsack"
},
{
"name": "https://support.f5.com/csp/article/K78234183",
"refsource": "CONFIRM",
"url": "https://support.f5.com/csp/article/K78234183"
},
{
"name": "http://packetstormsecurity.com/files/153346/Kernel-Live-Patch-Security-Notice-LSN-0052-1.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/153346/Kernel-Live-Patch-Security-Notice-LSN-0052-1.html"
},
{
"name": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44193",
"refsource": "CONFIRM",
"url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44193"
},
{
"name": "https://www.synology.com/security/advisory/Synology_SA_19_28",
"refsource": "CONFIRM",
"url": "https://www.synology.com/security/advisory/Synology_SA_19_28"
},
{
"name": "https://security.netapp.com/advisory/ntap-20190625-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20190625-0001/"
},
{
"name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0006",
"refsource": "CONFIRM",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0006"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10287",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10287"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2019-0010.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2019-0010.html"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-462066.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-462066.pdf"
},
{
"name": "https://www.us-cert.gov/ics/advisories/icsa-19-253-03",
"refsource": "MISC",
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-253-03"
},
{
"name": "http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html"
},
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191225-01-kernel-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191225-01-kernel-en"
},
{
"name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-010.txt",
"refsource": "CONFIRM",
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-010.txt"
}
]
},
"source": {
"advisory": "https://usn.ubuntu.com/4017-1",
"defect": [
"https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1831637"
],
"discovery": "UNKNOWN"
}
},
"nvd.nist.gov": {
"cve": {
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "190D94DD-9CDB-413B-9A15-BFBDB1BB127C",
"versionEndExcluding": "3.16.69",
"versionStartIncluding": "2.6.29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D641CA66-86A4-4172-9D98-206C31578C5E",
"versionEndExcluding": "4.4.182",
"versionStartIncluding": "3.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "966342A3-015F-4BCC-A513-335362A79A26",
"versionEndExcluding": "4.9.182",
"versionStartIncluding": "4.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1A632572-BC71-422E-B953-346709BA1658",
"versionEndExcluding": "4.14.127",
"versionStartIncluding": "4.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C91C6131-9445-46E6-960B-76E8A34DC7E4",
"versionEndExcluding": "4.19.52",
"versionStartIncluding": "4.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E0E372D7-8DD5-45E7-9C26-CF389B1A09A5",
"versionEndExcluding": "5.1.11",
"versionStartIncluding": "4.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "33AF102E-2851-45B5-8C71-B393F34D4591",
"versionEndIncluding": "11.6.4",
"versionStartIncluding": "11.5.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5E4EA2A9-C197-40D4-A6AE-A64D69536F99",
"versionEndIncluding": "12.1.4",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5A3215E6-7223-4AF1-BFD3-BD8AE9B6B572",
"versionEndIncluding": "13.1.1",
"versionStartIncluding": "13.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "720A06E3-441B-4D51-8FC0-D569DD7FEB10",
"versionEndIncluding": "14.1.0",
"versionStartIncluding": "14.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:15.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6FF1C75A-F753-40CB-9E26-DA6D31931DDC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A057B236-8B7C-430D-B107-8FF96D132E73",
"versionEndIncluding": "11.6.4",
"versionStartIncluding": "11.5.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2D7877E8-E50F-4DC6-867D-C19A8DB533E3",
"versionEndIncluding": "12.1.4",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "899BE6FE-B23F-4236-8A5E-B41AFF28E533",
"versionEndIncluding": "13.1.1",
"versionStartIncluding": "13.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BEBAD7C4-AC37-463F-B63C-6EAD5542F2A0",
"versionEndIncluding": "14.1.0",
"versionStartIncluding": "14.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:15.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C046FBE7-DCCD-40FE-AC1F-4DAD11D2E0AC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "66FC8C37-629D-4FBA-9C79-615BDDCF7837",
"versionEndIncluding": "11.6.4",
"versionStartIncluding": "11.5.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "66FCB095-3E70-472A-AB9D-60F001F3A539",
"versionEndIncluding": "12.1.4",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FA39C4F5-4D97-4B0B-8DA9-780F7ACF0A74",
"versionEndIncluding": "13.1.1",
"versionStartIncluding": "13.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D2833083-97E9-4B3C-8E6B-BCAC1851D148",
"versionEndIncluding": "14.1.0",
"versionStartIncluding": "14.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:15.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B8C7C45A-CC14-4092-903C-3001986D2859",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "42EBAE78-C03E-42C9-AC2D-D654A8DF8516",
"versionEndIncluding": "11.6.4",
"versionStartIncluding": "11.5.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "75D817B1-EC06-4180-B272-067299818B09",
"versionEndIncluding": "12.1.4",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0E3A4646-9AAA-445E-A08F-226D41485DC2",
"versionEndIncluding": "13.1.1",
"versionStartIncluding": "13.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "09C950E6-BF12-43D4-9125-AD9D90EDD67A",
"versionEndIncluding": "14.1.0",
"versionStartIncluding": "14.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:15.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1A99DC2F-BFC7-4FEA-87DF-5E9DF428F2D3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "255D11E3-F502-45CD-8958-5989F179574E",
"versionEndIncluding": "11.6.4",
"versionStartIncluding": "11.5.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E72B035F-97C1-41C6-B424-F3929B9D7A99",
"versionEndIncluding": "12.1.4",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E058E775-EAAA-46DF-9F3D-A8D042AAFD88",
"versionEndIncluding": "13.1.1",
"versionStartIncluding": "13.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9AD3B4BB-7F5C-4565-9345-2D4895630AAD",
"versionEndIncluding": "14.1.0",
"versionStartIncluding": "14.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:15.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B872A0D5-9B23-40F2-8AAB-253A4F406D18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "10A57948-C53A-4CD0-801B-7E801D08E112",
"versionEndIncluding": "11.6.4",
"versionStartIncluding": "11.5.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F367EED9-1F71-4720-BE53-3074FF6049C9",
"versionEndIncluding": "12.1.4",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "20BF15AA-1183-489E-A24A-FFB5BFD84664",
"versionEndIncluding": "13.1.1",
"versionStartIncluding": "13.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "83B684D2-5889-41EA-B54A-8E7AF43DA647",
"versionEndIncluding": "14.1.0",
"versionStartIncluding": "14.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:15.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "45D0AF1B-9106-4C38-B1A2-87FC189ADBAB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8E4A258E-4F20-4C3C-8269-CD7554539EC6",
"versionEndIncluding": "11.6.4",
"versionStartIncluding": "11.5.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1A5E9908-C959-48FD-8FAC-C0FE329E6FD8",
"versionEndIncluding": "12.1.4",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "442A56A6-935D-427A-8562-144DD770E317",
"versionEndIncluding": "13.1.1",
"versionStartIncluding": "13.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6434ED4F-0BA2-445A-B6E9-D3E301EE3930",
"versionEndIncluding": "14.1.0",
"versionStartIncluding": "14.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:15.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2C2A9F32-FF72-44AA-AA1A-5B09E8E57E24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1DA668DC-EFB6-44C3-8521-47BB9F474DD1",
"versionEndIncluding": "11.6.4",
"versionStartIncluding": "11.5.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C23EFF81-0FF4-4B4A-BAC3-85EC62230099",
"versionEndIncluding": "12.1.4",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "24AB3C9F-77E5-4D87-A9C1-366B087E7F68",
"versionEndIncluding": "13.1.1",
"versionStartIncluding": "13.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D17CC587-3325-4D95-BE63-B948C63B411D",
"versionEndIncluding": "14.1.0",
"versionStartIncluding": "14.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:15.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6FB6D7D8-2688-48A2-8E3E-341881EF0B4C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"matchCriteriaId": "24904D5C-58FF-49B0-B598-F798BAD110E6",
"versionEndIncluding": "11.6.4",
"versionStartIncluding": "11.5.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DE11CCA1-58BF-462E-A0DE-49F3BC1C5499",
"versionEndIncluding": "12.1.4",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"matchCriteriaId": "639FCD86-C487-40DD-9840-8931FAF5DF3A",
"versionEndIncluding": "13.1.1",
"versionStartIncluding": "13.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1117B40B-36E7-4205-82B0-52B4862A6D03",
"versionEndIncluding": "14.1.0",
"versionStartIncluding": "14.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:15.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "12F0D363-0DE8-4E32-9187-D7ACA0868BD8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DB112ABE-C07E-480F-8042-6321E602183D",
"versionEndIncluding": "11.6.4",
"versionStartIncluding": "11.5.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9A751827-1169-408E-BCE6-A129BDDB489D",
"versionEndIncluding": "12.1.4",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "428C4BEA-AFDA-45EC-9D5F-DDF409461C33",
"versionEndIncluding": "13.1.1",
"versionStartIncluding": "13.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "717C0443-3E88-4814-8D4A-F0C067176228",
"versionEndIncluding": "14.1.0",
"versionStartIncluding": "14.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:15.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C3879431-2E02-4B6C-BB4F-C2FF631A0974",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7865E258-CDA0-43A5-9945-81E07BF11A82",
"versionEndIncluding": "11.6.4",
"versionStartIncluding": "11.5.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CAECED76-81A2-4A0C-8C2E-24C235BB32DE",
"versionEndIncluding": "12.1.4",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BDC38EF1-6210-40A1-88FC-964C470E41BA",
"versionEndIncluding": "13.1.1",
"versionStartIncluding": "13.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "713EB3E7-A657-4F6A-901D-618AF660CBBC",
"versionEndIncluding": "14.1.0",
"versionStartIncluding": "14.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:15.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EACA0835-51AD-4AC0-8C87-5564F3A821CD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B572C267-AF06-4270-8FDC-18EBDDED7879",
"versionEndIncluding": "11.6.4",
"versionStartIncluding": "11.5.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "88B12CA1-E853-4898-8A06-F991BE19A27A",
"versionEndIncluding": "12.1.4",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4C98DCCF-2D89-4C05-A0AE-60CF8228B860",
"versionEndIncluding": "13.1.1",
"versionStartIncluding": "13.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B439DE9D-6A09-4487-82A4-E75A57717CAB",
"versionEndIncluding": "14.1.0",
"versionStartIncluding": "14.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:15.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CA4F1CFB-0FD9-4AEB-BF25-093115F9D891",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "19428E8B-18C2-413A-A3C0-AC6AB9F952F2",
"versionEndIncluding": "11.6.4",
"versionStartIncluding": "11.5.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6166E0DB-2BA5-454D-ABBC-9E4916436A44",
"versionEndIncluding": "12.1.4",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F42F4AF6-4BCC-497E-A889-0BBCA965CB32",
"versionEndIncluding": "13.1.1",
"versionStartIncluding": "13.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AEC2164D-11D0-4DCD-B814-6AB185C3BADF",
"versionEndIncluding": "14.1.0",
"versionStartIncluding": "14.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:15.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AA4AE425-1D86-4DB9-8B8F-74C6678BD528",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "8D305F7A-D159-4716-AB26-5E38BB5CD991",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "815D70A8-47D3-459C-A32C-9FEACA0659D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*",
"matchCriteriaId": "07C312A0-CD2C-4B9C-B064-6409B25C278F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*",
"matchCriteriaId": "CD783B0C-9246-47D9-A937-6144FE8BFF0F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:enterprise_linux_atomic_host:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF483911-003B-470B-A12B-85EF34A50469",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1D8B549B-E57B-4DFE-8A13-CAB06B5356B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_aus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "79191794-6151-46E9-AAFD-3EC0C05B03B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_aus:6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "893A7EE9-495D-405A-B809-39DC80778B2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F96E3779-F56A-45FF-BB3D-4980527D721E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0CF73560-2F5B-4723-A8A1-9AADBB3ADA00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_mrg:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C60FA8B1-1802-4522-A088-22171DCF7A93",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ivanti:connect_secure:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97D046F5-FF1A-41A7-8EDE-2C93E335906E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1C8792C-1CF0-450B-A8BD-2B5274156053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pulsesecure:pulse_secure_virtual_application_delivery_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3CCBFDE-C2FA-40E3-AA44-0EB0A6861BD4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:traffix_signaling_delivery_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4E52F91D-3F39-4D89-8069-EC422FB1F700",
"versionEndIncluding": "5.1.0",
"versionStartIncluding": "5.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Jonathan Looney discovered that the TCP_SKB_CB(skb)-\u003etcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit 3b4929f65b0d8249f19a50245cd88ed1a2f78cff."
},
{
"lang": "es",
"value": "Jonathan Looney detect\u00f3 que el valor TCP_SKB_CB(skb)-mayor que tcp_gso_segs estuvo sujeto a un desbordamiento de enteros en el kernel de Linux durante el manejo del Reconocimiento Selectivo (SACK) de TCP. Un atacante remoto podr\u00eda usar esto para causar una denegaci\u00f3n de servicio. Esto se ha corregido en versiones de kernel estables 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, y se corrige en el commit 3b4929f65b0d8249f19a50245cd88ed1a2f78cff."
}
],
"id": "CVE-2019-11477",
"lastModified": "2024-02-27T21:04:17.560",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "security@ubuntu.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-06-19T00:15:12.640",
"references": [
{
"source": "security@ubuntu.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/153346/Kernel-Live-Patch-Security-Notice-LSN-0052-1.html"
},
{
"source": "security@ubuntu.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html"
},
{
"source": "security@ubuntu.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-010.txt"
},
{
"source": "security@ubuntu.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191225-01-kernel-en"
},
{
"source": "security@ubuntu.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2019/06/20/3"
},
{
"source": "security@ubuntu.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2019/06/28/2"
},
{
"source": "security@ubuntu.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2019/07/06/3"
},
{
"source": "security@ubuntu.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2019/07/06/4"
},
{
"source": "security@ubuntu.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2019/10/24/1"
},
{
"source": "security@ubuntu.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2019/10/29/3"
},
{
"source": "security@ubuntu.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2019-0010.html"
},
{
"source": "security@ubuntu.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1594"
},
{
"source": "security@ubuntu.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1602"
},
{
"source": "security@ubuntu.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1699"
},
{
"source": "security@ubuntu.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/vulnerabilities/tcpsack"
},
{
"source": "security@ubuntu.com",
"tags": [
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-462066.pdf"
},
{
"source": "security@ubuntu.com",
"tags": [
"Mailing List",
"Patch",
"Vendor Advisory"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=3b4929f65b0d8249f19a50245cd88ed1a2f78cff"
},
{
"source": "security@ubuntu.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md"
},
{
"source": "security@ubuntu.com",
"tags": [
"Third Party Advisory"
],
"url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44193"
},
{
"source": "security@ubuntu.com",
"tags": [
"Third Party Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10287"
},
{
"source": "security@ubuntu.com",
"tags": [
"Third Party Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0006"
},
{
"source": "security@ubuntu.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20190625-0001/"
},
{
"source": "security@ubuntu.com",
"tags": [
"Third Party Advisory"
],
"url": "https://support.f5.com/csp/article/K78234183"
},
{
"source": "security@ubuntu.com",
"tags": [
"Mitigation",
"Third Party Advisory"
],
"url": "https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SACKPanic"
},
{
"source": "security@ubuntu.com",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.kb.cert.org/vuls/id/905115"
},
{
"source": "security@ubuntu.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujan2020.html"
},
{
"source": "security@ubuntu.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{
"source": "security@ubuntu.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_19_28"
},
{
"source": "security@ubuntu.com",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-253-03"
}
],
"sourceIdentifier": "security@ubuntu.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-190"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-190"
}
],
"source": "security@ubuntu.com",
"type": "Secondary"
}
]
}
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…