CVE-2019-11479

MEDIUM

Published 2019-06-18T23:34:51.124134Z

Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2019-11479. We'll provide specific mitigation strategies based on your environment and risk profile.

CVSS Score

V3.0

5.3

/10

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Base Score Metrics

Exploitability: N/A Impact: N/A

EPSS Score

v2023.03.01

0.966

probability

of exploitation in the wild

There is a 96.6% chance that this vulnerability will be exploited in the wild within the next 30 days.

Updated: 2025-01-25

Exploit Probability

Percentile: 0.998

Higher than 99.8% of all CVEs

Attack Vector Metrics

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Impact Metrics

Confidentiality

NONE

Integrity

NONE

Availability

LOW

Description

Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. This allows a remote peer to fragment TCP resend queues significantly more than if a larger MSS were enforced. A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commits 967c05aee439e6e5d7d805e195b3a20ef5c433d6 and 5f3e2bf008c2221478101ee72f5cb4654b9fc363.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

Linux

Linux kernel

Affected Versions:

4.4 4.9 4.14 4.19 5.1

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed HIGH

GHSA-99cq-xr7g-h22w

Advisory Details

CVSS Scoring

CVSS Score

7.5

CVSS Vector


                                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2019-11479

WEB https://www.us-cert.gov/ics/advisories/icsma-20-170-06

WEB https://www.us-cert.gov/ics/advisories/icsa-19-253-03

WEB https://www.synology.com/security/advisory/Synology_SA_19_28

WEB https://www.oracle.com/security-alerts/cpuoct2020.html

WEB https://www.oracle.com/security-alerts/cpujan2020.html

WEB https://www.kb.cert.org/vuls/id/905115

WEB https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SACKPanic

WEB https://usn.ubuntu.com/4041-2

WEB https://usn.ubuntu.com/4041-1

WEB https://support.f5.com/csp/article/K35421172?utm_source=f5support&utm_medium=RSS

WEB https://support.f5.com/csp/article/K35421172

WEB https://security.netapp.com/advisory/ntap-20190625-0001

WEB https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0008

WEB https://kc.mcafee.com/corporate/index?page=content&id=SB10287

WEB https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44193

WEB https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md

WEB https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=967c05aee439e6e5d7d805e195b3a20ef5c433d6

WEB https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=5f3e2bf008c2221478101ee72f5cb4654b9fc363

WEB https://cert-portal.siemens.com/productcert/pdf/ssa-462066.pdf

WEB https://access.redhat.com/security/vulnerabilities/tcpsack

WEB https://access.redhat.com/errata/RHSA-2019:1699

WEB https://access.redhat.com/errata/RHSA-2019:1602

WEB https://access.redhat.com/errata/RHSA-2019:1594

WEB http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-010.txt

WEB http://www.openwall.com/lists/oss-security/2019/06/28/2

WEB http://www.openwall.com/lists/oss-security/2019/07/06/3

WEB http://www.openwall.com/lists/oss-security/2019/07/06/4

WEB http://www.securityfocus.com/bid/108818

Advisory provided by GitHub Security Advisory Database. Published: May 24, 2022, Modified: August 16, 2023

References

http://www.securityfocus.com/bid/108818

https://www.kb.cert.org/vuls/id/905115

https://access.redhat.com/errata/RHSA-2019:1594

https://access.redhat.com/errata/RHSA-2019:1602

http://www.openwall.com/lists/oss-security/2019/06/28/2

https://usn.ubuntu.com/4041-2/

http://www.openwall.com/lists/oss-security/2019/07/06/3

http://www.openwall.com/lists/oss-security/2019/07/06/4

https://access.redhat.com/errata/RHSA-2019:1699

https://usn.ubuntu.com/4041-1/

https://www.oracle.com/security-alerts/cpujan2020.html

https://www.oracle.com/security-alerts/cpuoct2020.html

https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md

https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SACKPanic

https://access.redhat.com/security/vulnerabilities/tcpsack

https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44193

https://www.synology.com/security/advisory/Synology_SA_19_28

https://security.netapp.com/advisory/ntap-20190625-0001/

https://kc.mcafee.com/corporate/index?page=content&id=SB10287

https://cert-portal.siemens.com/productcert/pdf/ssa-462066.pdf

https://www.us-cert.gov/ics/advisories/icsa-19-253-03

http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-010.txt

https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=5f3e2bf008c2221478101ee72f5cb4654b9fc363

https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=967c05aee439e6e5d7d805e195b3a20ef5c433d6

https://support.f5.com/csp/article/K35421172

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0008

https://support.f5.com/csp/article/K35421172?utm_source=f5support&amp%3Butm_medium=RSS

https://www.us-cert.gov/ics/advisories/icsma-20-170-06

Published: 2019-06-18T23:34:51.124134Z

Last Modified: 2024-09-16T23:22:00.170Z

Copied to clipboard!

CVE-2019-11479

Expert Analysis

CVSS Score

EPSS Score

Attack Vector Metrics

Impact Metrics

Description

Available Exploits

Related News

Affected Products

Linux kernel

Affected Versions:

GitHub Security Advisories

Advisory Details

CVSS Scoring

CVSS Score

CVSS Vector

References

References

Request Analysis

What to expect

Request Received!