CVE-2019-11479

HIGH

Linux Kernel 4.4-4.4.182 - Denial of Service via TCP MSS Fragmentation

Title source: llm
STIX 2.1

Description

Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. This allows a remote peer to fragment TCP resend queues significantly more than if a larger MSS were enforced. A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commits 967c05aee439e6e5d7d805e195b3a20ef5c433d6 and 5f3e2bf008c2221478101ee72f5cb4654b9fc363.

References (28)

Core 28
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/108818
Third Party Advisory, US Government Resource third-party-advisory x_refsource_cert-vn
https://www.kb.cert.org/vuls/id/905115
Third Party Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2019:1594
Third Party Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2019:1602
Mailing List, Third Party Advisory mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2019/06/28/2
Third Party Advisory vendor-advisory x_refsource_ubuntu
https://usn.ubuntu.com/4041-2/
Mailing List, Third Party Advisory mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2019/07/06/3
Mailing List, Third Party Advisory mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2019/07/06/4
Third Party Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2019:1699
Third Party Advisory vendor-advisory x_refsource_ubuntu
https://usn.ubuntu.com/4041-1/
Third Party Advisory x_refsource_misc
https://www.oracle.com/security-alerts/cpujan2020.html
Mitigation, Third Party Advisory x_refsource_misc
https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SACKPanic
Third Party Advisory x_refsource_misc
https://access.redhat.com/security/vulnerabilities/tcpsack
Third Party Advisory x_refsource_confirm
https://www.synology.com/security/advisory/Synology_SA_19_28
Third Party Advisory x_refsource_confirm
https://security.netapp.com/advisory/ntap-20190625-0001/
Third Party Advisory x_refsource_confirm
https://kc.mcafee.com/corporate/index?page=content&id=SB10287
Third Party Advisory x_refsource_confirm
https://cert-portal.siemens.com/productcert/pdf/ssa-462066.pdf
Third Party Advisory, US Government Resource x_refsource_misc
https://www.us-cert.gov/ics/advisories/icsa-19-253-03
Third Party Advisory x_refsource_confirm
http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-010.txt
Third Party Advisory x_refsource_confirm
https://support.f5.com/csp/article/K35421172
Third Party Advisory x_refsource_confirm
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0008
Third Party Advisory, US Government Resource x_refsource_misc
https://www.us-cert.gov/ics/advisories/icsma-20-170-06

Scores

CVSS v3 7.5
EPSS 0.9166
EPSS Percentile 99.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE
CWE-770 CWE-405
Status published
Products (25)
canonical/ubuntu_linux 14.04
canonical/ubuntu_linux 16.04
canonical/ubuntu_linux 18.04
canonical/ubuntu_linux 18.10
canonical/ubuntu_linux 19.04
f5/big-ip_access_policy_manager 11.5.2 - 11.6.5.1
f5/big-ip_advanced_firewall_manager 11.5.2 - 11.6.5.1
f5/big-ip_analytics 11.5.2 - 11.6.5.1
f5/big-ip_application_acceleration_manager 11.5.2 - 11.6.5.1
f5/big-ip_application_security_manager 11.5.2 - 11.6.5.1
... and 15 more
Published Jun 19, 2019
Tracked Since Feb 18, 2026