Description
In FreeBSD 12.0-STABLE before r349197 and 12.0-RELEASE before 12.0-RELEASE-p6, a bug in the non-default RACK TCP stack can allow an attacker to cause several linked lists to grow unbounded and cause an expensive list traversal on every packet being processed, leading to resource exhaustion and a denial of service.
References (10)
Core 10
Core References
Mailing List, Third Party Advisory mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2019/06/17/5
Mitigation, Third Party Advisory x_refsource_misc
https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md
Third Party Advisory, VDB Entry x_refsource_misc
http://packetstormsecurity.com/files/153329/Linux-FreeBSD-TCP-Based-Denial-Of-Service.html
Mitigation, Vendor Advisory vendor-advisory
x_refsource_freebsd
https://security.FreeBSD.org/advisories/FreeBSD-SA-19:08.rack.asc
Third Party Advisory, US Government Resource third-party-advisory
x_refsource_cert-vn
https://www.kb.cert.org/vuls/id/905115
Mailing List, Mitigation, Patch, Third Party Advisory mailing-list
x_refsource_bugtraq
https://seclists.org/bugtraq/2019/Jun/27
Third Party Advisory, VDB Entry x_refsource_misc
http://packetstormsecurity.com/files/153378/FreeBSD-Security-Advisory-FreeBSD-SA-19-08.rack.html
Third Party Advisory x_refsource_misc
https://support.f5.com/csp/article/K75521003
Third Party Advisory x_refsource_misc
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44193
Third Party Advisory x_refsource_misc
https://security.netapp.com/advisory/ntap-20190625-0004/
Scores
CVSS v3
7.5
EPSS
0.0963
EPSS Percentile
92.9%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-770
Status
published
Products (1)
freebsd/freebsd
12.0 (6 CPE variants)
Published
Jul 02, 2019
Tracked Since
Feb 18, 2026