CVE-2019-11479
First published: Tue Jun 11 2019(Updated: )
An excessive resource consumption flaw was found in the way the Linux kernel's networking subsystem processed TCP segments. If the Maximum Segment Size (MSS) of a TCP connection was set to low values, such as 48 bytes, it can leave as little as 8 bytes for the user data, which significantly increases the Linux kernel's resource (CPU, Memory, and Bandwidth) utilization. A remote attacker could use this flaw to cause a denial of service (DoS) by repeatedly sending network traffic on a TCP connection with low TCP MSS.
Credit: security@ubuntu.com security@ubuntu.com security@ubuntu.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/kernel | <0:2.6.32-754.15.3.el6 | 0:2.6.32-754.15.3.el6 |
| redhat/kernel | <0:2.6.32-431.95.3.el6 | 0:2.6.32-431.95.3.el6 |
| redhat/kernel | <0:2.6.32-504.79.3.el6 | 0:2.6.32-504.79.3.el6 |
| redhat/kernel-rt | <0:3.10.0-957.21.3.rt56.935.el7 | 0:3.10.0-957.21.3.rt56.935.el7 |
| redhat/kernel | <0:3.10.0-957.21.3.el7 | 0:3.10.0-957.21.3.el7 |
| redhat/kernel-alt | <0:4.14.0-115.8.2.el7a | 0:4.14.0-115.8.2.el7a |
| redhat/kernel | <0:3.10.0-327.79.2.el7 | 0:3.10.0-327.79.2.el7 |
| redhat/kernel | <0:3.10.0-514.66.2.el7 | 0:3.10.0-514.66.2.el7 |
| redhat/kernel | <0:3.10.0-693.50.3.el7 | 0:3.10.0-693.50.3.el7 |
| redhat/kernel | <0:3.10.0-862.34.2.el7 | 0:3.10.0-862.34.2.el7 |
| redhat/kernel-rt | <0:4.18.0-80.4.2.rt9.152.el8_0 | 0:4.18.0-80.4.2.rt9.152.el8_0 |
| redhat/kernel | <0:4.18.0-80.4.2.el8_0 | 0:4.18.0-80.4.2.el8_0 |
| redhat/kernel-rt | <1:3.10.0-693.50.3.rt56.644.el6 | 1:3.10.0-693.50.3.rt56.644.el6 |
| redhat/redhat-release-virtualization-host | <0:4.2-11.1.el7 | 0:4.2-11.1.el7 |
| redhat/redhat-virtualization-host | <0:4.2-20190618.0.el7_6 | 0:4.2-20190618.0.el7_6 |
| redhat/redhat-release-virtualization-host | <0:4.3.4-1.el7e | 0:4.3.4-1.el7e |
| redhat/redhat-virtualization-host | <0:4.3.4-20190620.3.el7_6 | 0:4.3.4-20190620.3.el7_6 |
| ubuntu/linux | <4.15.0-54.58 | 4.15.0-54.58 |
| ubuntu/linux | <4.18.0-25.26 | 4.18.0-25.26 |
| ubuntu/linux | <5.0.0-20.21 | 5.0.0-20.21 |
| ubuntu/linux | <5.2~ | 5.2~ |
| ubuntu/linux | <4.4.0-154.181 | 4.4.0-154.181 |
| ubuntu/linux-aws | <4.15.0-1043.45 | 4.15.0-1043.45 |
| ubuntu/linux-aws | <4.18.0-1020.24 | 4.18.0-1020.24 |
| ubuntu/linux-aws | <5.0.0-1010.11 | 5.0.0-1010.11 |
| ubuntu/linux-aws | <4.4.0-1048.52 | 4.4.0-1048.52 |
| ubuntu/linux-aws | <5.2~ | 5.2~ |
| ubuntu/linux-aws | <4.4.0-1087.98 | 4.4.0-1087.98 |
| ubuntu/linux-aws-hwe | <5.2~ | 5.2~ |
| ubuntu/linux-aws-hwe | <4.15.0-1043.45~16.04.1 | 4.15.0-1043.45~16.04.1 |
| ubuntu/linux-azure | <4.18.0-1023.24~18.04.1 | 4.18.0-1023.24~18.04.1 |
| ubuntu/linux-azure | <4.18.0-1023.24 | 4.18.0-1023.24 |
| ubuntu/linux-azure | <5.0.0-1010.10 | 5.0.0-1010.10 |
| ubuntu/linux-azure | <4.15.0-1049.54~14.04.1 | 4.15.0-1049.54~14.04.1 |
| ubuntu/linux-azure | <5.2~ | 5.2~ |
| ubuntu/linux-azure | <4.15.0-1049.54 | 4.15.0-1049.54 |
| ubuntu/linux-azure-edge | <4.18.0-1023.24~18.04.1 | 4.18.0-1023.24~18.04.1 |
| ubuntu/linux-azure-edge | <5.2~ | 5.2~ |
| ubuntu/linux-azure-edge | <4.15.0-1049.54 | 4.15.0-1049.54 |
| ubuntu/linux-euclid | <5.2~ | 5.2~ |
| ubuntu/linux-flo | <5.2~ | 5.2~ |
| ubuntu/linux-gcp | <4.15.0-1036.38 | 4.15.0-1036.38 |
| ubuntu/linux-gcp | <4.18.0-1015.16 | 4.18.0-1015.16 |
| ubuntu/linux-gcp | <5.0.0-1010.10 | 5.0.0-1010.10 |
| ubuntu/linux-gcp | <5.2~ | 5.2~ |
| ubuntu/linux-gcp | <4.15.0-1036.38~16.04.1 | 4.15.0-1036.38~16.04.1 |
| ubuntu/linux-gcp-edge | <4.18.0-1015.16~18.04.1 | 4.18.0-1015.16~18.04.1 |
| ubuntu/linux-gcp-edge | <5.2~ | 5.2~ |
| ubuntu/linux-gke | <5.2~ | 5.2~ |
| ubuntu/linux-gke-4.15 | <4.15.0-1036.38 | 4.15.0-1036.38 |
| ubuntu/linux-gke-4.15 | <5.2~ | 5.2~ |
| ubuntu/linux-gke-5.0 | <5.2~ | 5.2~ |
| ubuntu/linux-goldfish | <5.2~ | 5.2~ |
| ubuntu/linux-grouper | <5.2~ | 5.2~ |
| ubuntu/linux-hwe | <4.18.0-25.26~18.04.1 | 4.18.0-25.26~18.04.1 |
| ubuntu/linux-hwe | <5.2~ | 5.2~ |
| ubuntu/linux-hwe | <4.15.0-54.58~16.04.1 | 4.15.0-54.58~16.04.1 |
| ubuntu/linux-hwe-edge | <5.0.0-20.21~18.04.1 | 5.0.0-20.21~18.04.1 |
| ubuntu/linux-hwe-edge | <5.2~ | 5.2~ |
| ubuntu/linux-hwe-edge | <4.15.0-54.58~16.04.1 | 4.15.0-54.58~16.04.1 |
| ubuntu/linux-kvm | <4.15.0-1038.38 | 4.15.0-1038.38 |
| ubuntu/linux-kvm | <4.18.0-1016.17 | 4.18.0-1016.17 |
| ubuntu/linux-kvm | <5.0.0-1010.11 | 5.0.0-1010.11 |
| ubuntu/linux-kvm | <5.2~ | 5.2~ |
| ubuntu/linux-kvm | <4.4.0-1051.58 | 4.4.0-1051.58 |
| ubuntu/linux-lts-trusty | <5.2~ | 5.2~ |
| ubuntu/linux-lts-utopic | <5.2~ | 5.2~ |
| ubuntu/linux-lts-vivid | <5.2~ | 5.2~ |
| ubuntu/linux-lts-wily | <5.2~ | 5.2~ |
| ubuntu/linux-lts-xenial | <4.4.0-154.181~14.04.1 | 4.4.0-154.181~14.04.1 |
| ubuntu/linux-lts-xenial | <5.2~ | 5.2~ |
| ubuntu/linux-maguro | <5.2~ | 5.2~ |
| ubuntu/linux-mako | <5.2~ | 5.2~ |
| ubuntu/linux-manta | <5.2~ | 5.2~ |
| ubuntu/linux-oem | <4.15.0-1045.50 | 4.15.0-1045.50 |
| ubuntu/linux-oem | <4.15.0-1045.50 | 4.15.0-1045.50 |
| ubuntu/linux-oem | <5.2~ | 5.2~ |
| ubuntu/linux-oracle | <4.15.0-1017.19 | 4.15.0-1017.19 |
| ubuntu/linux-oracle | <4.15.0-1017.19 | 4.15.0-1017.19 |
| ubuntu/linux-oracle | <5.2~ | 5.2~ |
| ubuntu/linux-oracle | <4.15.0-1017.19~16.04.2 | 4.15.0-1017.19~16.04.2 |
| ubuntu/linux-raspi2 | <4.15.0-1040.43 | 4.15.0-1040.43 |
| ubuntu/linux-raspi2 | <4.18.0-1018.21 | 4.18.0-1018.21 |
| ubuntu/linux-raspi2 | <5.0.0-1012.12 | 5.0.0-1012.12 |
| ubuntu/linux-raspi2 | <5.2~ | 5.2~ |
| ubuntu/linux-raspi2 | <4.4.0-1114.123 | 4.4.0-1114.123 |
| ubuntu/linux-snapdragon | <4.15.0-1057.62 | 4.15.0-1057.62 |
| ubuntu/linux-snapdragon | <5.0.0-1016.17 | 5.0.0-1016.17 |
| ubuntu/linux-snapdragon | <5.2~ | 5.2~ |
| ubuntu/linux-snapdragon | <4.4.0-1118.124 | 4.4.0-1118.124 |
| debian/linux | 5.10.218-1 5.10.223-1 6.1.94-1 6.1.99-1 6.10.4-1 6.10.6-1 | |
| Siemens Simatic Cloud Connect 7 CC712 | <1.1.5 | 1.1.5 |
| Siemens ROX | <2.13.3 | 2.13.3 |
| Siemens RUGGEDCOM APE 1404 Linux: All versions prior to Debian 9 Linux Image 2019-12-13 | ||
| Siemens RUGGEDCOM RM1224 (6GK6108-4AM00) | <6.2 | 6.2 |
| Siemens RUGGEDCOM RX 1400 VPE Debian Linux: All versions prior to Debian 9 Linux Image 2019-12-13 | ||
| Siemens RUGGEDCOM RX 1400 VPE Linux CloudConnect: All versions prior to Debian 9 Linux Image 2019-12-13 13 (only affected by CVE-2019-11479) | ||
| Siemens SCALANCE M804PB (6GK5804-0AP00-2AA2) | <6.2 | 6.2 |
| Siemens Scalance M812-1 ADSL Router | <6.2 | 6.2 |
| Siemens Scalance M812-1 ADSL Router | <6.2 | 6.2 |
| Siemens Scalance M816-1 ADSL-Router Firmware | <6.2 | 6.2 |
| Siemens Scalance M816-1 ADSL-Router Firmware | <6.2 | 6.2 |
| Siemens SCALANCE M826-2 SHDSL-Router | <6.2 | 6.2 |
| Siemens SCALANCE M874-2 (6GK5874-2AA00-2AA2) | <6.2 | 6.2 |
| Siemens SCALANCE M874-3 | <6.2 | 6.2 |
| Siemens SCALANCE M875 | ||
| Siemens SCALANCE M876-3 (6GK5876-3AA02-2BA2) | <6.2 | 6.2 |
| Siemens SCALANCE M876-3 (rok) | <6.2 | 6.2 |
| Siemens SCALANCE M876-4 | <6.2 | 6.2 |
| Siemens SCALANCE M876-4 | <6.2 | 6.2 |
| Siemens SCALANCE S602 | <4.1 | 4.1 |
| Siemens SCALANCE S612 | <4.1 | 4.1 |
| Siemens SCALANCE S615 (6GK5615-0AA00-2AA2) | <6.2 | 6.2 |
| Siemens SCALANCE S623 | <4.1 | 4.1 |
| Siemens SCALANCE S627-2M | <4.1 | 4.1 |
| Siemens SCALANCE SC622-2C (6GK5622-2GS00-2AC2) | <2.0.1 | 2.0.1 |
| Siemens SCALANCE SC632-2C (6GK5632-2GS00-2AC2) | <2.0.1 | 2.0.1 |
| Siemens SCALANCE SC636-2C (6GK5636-2GS00-2AC2) | <2.0.1 | 2.0.1 |
| Siemens SCALANCE SC642-2C (6GK5642-2GS00-2AC2) | <2.0.1 | 2.0.1 |
| Siemens SCALANCE SC646-2C (6GK5646-2GS00-2AC2) | <2.0.1 | 2.0.1 |
| Siemens Scalance W1750D Firmware | <8.6.0 | 8.6.0 |
| Siemens SCALANCE W-700 IEEE 802.11n family | <6.4 | 6.4 |
| Siemens SCALANCE W1700 IEEE 802.11ac | <2.0 | 2.0 |
| Siemens SCALANCE WLC711 | ||
| Siemens SCALANCE WLC712 | ||
| Siemens SIMATIC CM 1542-1 Firmware | <3.0 | 3.0 |
| Siemens SIMATIC CP 343-1 Advanced | ||
| Linux Kernel | >=4.4<4.4.182 | |
| Linux Kernel | >=4.9<4.9.182 | |
| Linux Kernel | >=4.14<4.14.127 | |
| Linux Kernel | >=4.19<4.19.52 | |
| Linux Kernel | >=5.1<5.1.11 | |
| F5 BIG-IP Advanced Firewall Manager | >=11.5.2<11.6.5.1 | |
| F5 BIG-IP Advanced Firewall Manager | >=12.1.0<12.1.5.1 | |
| F5 BIG-IP Advanced Firewall Manager | >=13.1.0<13.1.3.2 | |
| F5 BIG-IP Advanced Firewall Manager | >=14.0.0<14.0.1.1 | |
| F5 BIG-IP Advanced Firewall Manager | >=14.1.2<14.1.2.1 | |
| F5 BIG-IP Advanced Firewall Manager | >=15.0.0<15.0.1.1 | |
| F5 Access Policy Manager | >=11.5.2<11.6.5.1 | |
| F5 Access Policy Manager | >=12.1.0<12.1.5.1 | |
| F5 Access Policy Manager | >=13.1.0<13.1.3.2 | |
| F5 Access Policy Manager | >=14.0.0<14.0.1.1 | |
| F5 Access Policy Manager | >=14.1.2<14.1.2.1 | |
| F5 Access Policy Manager | >=15.0.0<15.0.1.1 | |
| f5 big-ip application acceleration manager | >=11.5.2<11.6.5.1 | |
| f5 big-ip application acceleration manager | >=12.1.0<12.1.5.1 | |
| f5 big-ip application acceleration manager | >=13.1.0<13.1.3.2 | |
| f5 big-ip application acceleration manager | >=14.0.0<14.0.1.1 | |
| f5 big-ip application acceleration manager | >=14.1.2<14.1.2.1 | |
| f5 big-ip application acceleration manager | >=15.0.0<15.0.1.1 | |
| F5 BIG-IP | >=11.5.2<11.6.5.1 | |
| F5 BIG-IP | >=12.1.0<12.1.5.1 | |
| F5 BIG-IP | >=13.1.0<13.1.3.2 | |
| F5 BIG-IP | >=14.0.0<14.0.1.1 | |
| F5 BIG-IP | >=14.1.2<14.1.2.1 | |
| F5 BIG-IP | >=15.0.0<15.0.1.1 | |
| F5 BIG-IP Policy Enforcement Manager | >=11.5.2<11.6.5.1 | |
| F5 BIG-IP Policy Enforcement Manager | >=12.1.0<12.1.5.1 | |
| F5 BIG-IP Policy Enforcement Manager | >=13.1.0<13.1.3.2 | |
| F5 BIG-IP Policy Enforcement Manager | >=14.0.0<14.0.1.1 | |
| F5 BIG-IP Policy Enforcement Manager | >=14.1.2<14.1.2.1 | |
| F5 BIG-IP Policy Enforcement Manager | >=15.0.0<15.0.1.1 | |
| F5 BIG-IP WebAccelerator | >=11.5.2<11.6.5.1 | |
| F5 BIG-IP WebAccelerator | >=12.1.0<12.1.5.1 | |
| F5 BIG-IP WebAccelerator | >=13.1.0<13.1.3.2 | |
| F5 BIG-IP WebAccelerator | >=14.0.0<14.0.1.1 | |
| F5 BIG-IP WebAccelerator | >=14.1.2<14.1.2.1 | |
| F5 BIG-IP WebAccelerator | >=15.0.0<15.0.1.1 | |
| F5 Application Security Manager | >=11.5.2<11.6.5.1 | |
| F5 Application Security Manager | >=12.1.0<12.1.5.1 | |
| F5 Application Security Manager | >=13.1.0<13.1.3.2 | |
| F5 Application Security Manager | >=14.0.0<14.0.1.1 | |
| F5 Application Security Manager | >=14.1.2<14.1.2.1 | |
| F5 Application Security Manager | >=15.0.0<15.0.1.1 | |
| F5 BIG-IP Local Traffic Manager | >=11.5.2<11.6.5.1 | |
| F5 BIG-IP Local Traffic Manager | >=12.1.0<12.1.5.1 | |
| F5 BIG-IP Local Traffic Manager | >=13.1.0<13.1.3.2 | |
| F5 BIG-IP Local Traffic Manager | >=14.0.0<14.0.1.1 | |
| F5 BIG-IP Local Traffic Manager | >=14.1.2<14.1.2.1 | |
| F5 BIG-IP Local Traffic Manager | >=15.0.0<15.0.1.1 | |
| F5 BIG-IP fraud protection services | >=11.5.2<11.6.5.1 | |
| F5 BIG-IP fraud protection services | >=12.1.0<12.1.5.1 | |
| F5 BIG-IP fraud protection services | >=13.1.0<13.1.3.2 | |
| F5 BIG-IP fraud protection services | >=14.0.0<14.0.1.1 | |
| F5 BIG-IP fraud protection services | >=14.1.2<14.1.2.1 | |
| F5 BIG-IP fraud protection services | >=15.0.0<15.0.1.1 | |
| F5 BIG-IP Global Traffic Manager | >=11.5.2<11.6.5.1 | |
| F5 BIG-IP Global Traffic Manager | >=12.1.0<12.1.5.1 | |
| F5 BIG-IP Global Traffic Manager | >=13.1.0<13.1.3.2 | |
| F5 BIG-IP Global Traffic Manager | >=14.0.0<14.0.1.1 | |
| F5 BIG-IP Global Traffic Manager | >=14.1.2<14.1.2.1 | |
| F5 BIG-IP Global Traffic Manager | >=15.0.0<15.0.1.1 | |
| F5 BIG-IP Analytics | >=11.5.2<11.6.5.1 | |
| F5 BIG-IP Analytics | >=12.1.0<12.1.5.1 | |
| F5 BIG-IP Analytics | >=13.1.0<13.1.3.2 | |
| F5 BIG-IP Analytics | >=14.0.0<14.0.1.1 | |
| F5 BIG-IP Analytics | >=14.1.2<14.1.2.1 | |
| F5 BIG-IP Analytics | >=15.0.0<15.0.1.1 | |
| F5 BIG-IP Edge Gateway | >=11.5.2<11.6.5.1 | |
| F5 BIG-IP Edge Gateway | >=12.1.0<12.1.5.1 | |
| F5 BIG-IP Edge Gateway | >=13.1.0<13.1.3.2 | |
| F5 BIG-IP Edge Gateway | >=14.0.0<14.0.1.1 | |
| F5 BIG-IP Edge Gateway | >=14.1.2<14.1.2.1 | |
| F5 BIG-IP Edge Gateway | >=15.0.0<15.0.1.1 | |
| f5 big-ip domain name system | >=11.5.2<11.6.5.1 | |
| f5 big-ip domain name system | >=12.1.0<12.1.5.1 | |
| f5 big-ip domain name system | >=13.1.0<13.1.3.2 | |
| f5 big-ip domain name system | >=14.0.0<14.0.1.1 | |
| f5 big-ip domain name system | >=14.1.2<14.1.2.1 | |
| f5 big-ip domain name system | >=15.0.0<15.0.1.1 | |
| Ubuntu | =14.04 | |
| Ubuntu | =16.04 | |
| Ubuntu | =18.04 | |
| Ubuntu | =18.10 | |
| Ubuntu | =19.04 | |
| Red Hat Enterprise Linux | =7.0 | |
| F5 BIG-IP and BIG-IQ Centralized Management | >=5.1.0<=5.4.0 | |
| F5 BIG-IP and BIG-IQ Centralized Management | >=6.0.0<=6.1.0 | |
| F5 Enterprise Manager | =3.1.1 | |
| F5 iWorkflow | =2.3.0 | |
| F5 Traffix Systems Signaling Delivery Controller | >=5.0.0<=5.1.0 | |
| redhat virtualization host | =4.0 | |
| Red Hat Enterprise Linux | =7.0 | |
| All of | ||
| redhat virtualization host | =4.0 | |
| Red Hat Enterprise Linux | =7.0 |
Remedy
For mitigation, please refer to the Red Hat Knowledgebase article: https://access.redhat.com/security/vulnerabilities/tcpsack
Remedy
This can be mitigated by dropping all packets which specify a too small MSS value. For example, to only allow MSS values of greater than 500 bytes, an iptables rule can be specified as: sudo iptables -A INPUT -p tcp -m tcpmss --mss 1:500 -j DROP Note: this will only take effect if the net.ipv4.tcp_mtu_probing sysctl is disabled as well.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://www.cve.org/CVERecord?id=CVE-2019-11479 https://nvd.nist.gov/vuln/detail/CVE-2019-11479 https://patchwork.ozlabs.org/project/netdev/list/?series=114310 https://www.openwall.com/lists/oss-security/2019/06/17/5
- https://bugzilla.redhat.com/show_bug.cgi?id=1719129
- https://access.redhat.com/errata/RHSA-2019:1488
- https://access.redhat.com/errata/RHSA-2019:1490
- https://access.redhat.com/errata/RHSA-2019:1489
- https://access.redhat.com/errata/RHSA-2019:1486
- https://access.redhat.com/errata/RHSA-2019:1481
- https://access.redhat.com/errata/RHSA-2019:1602
- https://access.redhat.com/errata/RHSA-2019:1485
- https://access.redhat.com/errata/RHSA-2019:1484
- https://access.redhat.com/errata/RHSA-2019:1483
- https://access.redhat.com/errata/RHSA-2019:1482
- https://access.redhat.com/errata/RHSA-2019:1480
- https://access.redhat.com/errata/RHSA-2019:1479
- https://access.redhat.com/errata/RHSA-2019:1487
- https://access.redhat.com/errata/RHSA-2019:1594
- https://access.redhat.com/errata/RHSA-2019:1699
- https://access.redhat.com/security/cve/cve-2019-11479
- https://support.f5.com/csp/article/K35421172
- https://access.redhat.com/security/vulnerabilities/tcpsack
- https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=5f3e2bf008c2221478101ee72f5cb4654b9fc363
- https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=967c05aee439e6e5d7d805e195b3a20ef5c433d6
- https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md
- https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SACKPanic
- http://www.securityfocus.com/bid/108818
- https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44193
- https://www.kb.cert.org/vuls/id/905115
- https://www.synology.com/security/advisory/Synology_SA_19_28
- https://security.netapp.com/advisory/ntap-20190625-0001/
- https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0008
- https://kc.mcafee.com/corporate/index?page=content&id=SB10287
- http://www.openwall.com/lists/oss-security/2019/06/28/2
- https://usn.ubuntu.com/4041-2/
- http://www.openwall.com/lists/oss-security/2019/07/06/3
- http://www.openwall.com/lists/oss-security/2019/07/06/4
- https://usn.ubuntu.com/4041-1/
- https://cert-portal.siemens.com/productcert/pdf/ssa-462066.pdf
- https://www.us-cert.gov/ics/advisories/icsa-19-253-03
- https://support.f5.com/csp/article/K35421172?utm_source=f5support&amp;utm_medium=RSS
- https://www.oracle.com/security-alerts/cpujan2020.html
- https://www.us-cert.gov/ics/advisories/icsma-20-170-06
- http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-010.txt
- https://www.oracle.com/security-alerts/cpuoct2020.html
- https://launchpad.net/bugs/cve/CVE-2019-11479
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1721255
- https://www.openwall.com/lists/oss-security/2019/06/17/5
- https://patchwork.ozlabs.org/project/netdev/list/?series=114310
- https://access.redhat.com/errata/RHBA-2019:1589
- https://access.redhat.com/support/policy/updates/errata/
- https://security-tracker.debian.org/tracker/CVE-2019-11479
- https://kc.mcafee.com/corporate/index?page=content&id=SB10287
- https://support.f5.com/csp/article/K35421172?utm_source=f5support&utm_medium=RSS
- https://support.f5.com/csp/article/K35421172?utm_source=f5support&%3Butm_medium=RSS
- https://www.cisa.gov/news-events/ics-advisories/icsa-19-253-03 (Advisory)
- https://ubuntu.com/security/notices/USN-4041-1
- https://ubuntu.com/security/notices/USN-4041-2
- https://www.cve.org/CVERecord?id=CVE-2019-11479
- https://nvd.nist.gov/vuln/detail/CVE-2019-11479
- https://git.kernel.org/linus/1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
- https://git.kernel.org/linus/5f3e2bf008c2221478101ee72f5cb4654b9fc363
- https://git.kernel.org/linus/967c05aee439e6e5d7d805e195b3a20ef5c433d6
- https://ubuntu.com/security/CVE-2019-11479
Parent vulnerabilities
(Appears in the following advisories)
Frequently Asked Questions
What is the severity of CVE-2019-11479?
CVE-2019-11479 is classified as a medium severity vulnerability due to the excessive resource consumption that can disrupt legitimate traffic.
How do I fix CVE-2019-11479?
To mitigate CVE-2019-11479, update the Linux kernel or affected software to the latest version that includes the required fixes.
Which systems are affected by CVE-2019-11479?
CVE-2019-11479 affects various versions of the Linux kernel across multiple distributions, including Red Hat and Ubuntu.
Can CVE-2019-11479 lead to a denial of service?
Yes, CVE-2019-11479 can lead to a denial of service by consuming excessive resources that may affect network performance.
Is there a patch for CVE-2019-11479?
Yes, patches are available and should be applied to vulnerable systems to address the issues presented by CVE-2019-11479.
- collector/redhat-cve
- agent/type
- agent/first-publish-date
- collector/launchpad-cve
- source/Launchpad
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2019-11479
- agent/remedy
- agent/weakness
- agent/severity
- agent/author
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/event
- collector/usn-cve
- source/Ubuntu
- agent/software-canonical-lookup
- agent/references
- collector/security-tracker-debian
- source/Debian
- agent/trending
- agent/source
- collector/ics-cert-advisory
- source/ICS
- agent/software-canonical-lookup-request
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- collector/nvd-cve
- source/NVD
- collector/nvd-api
- package-manager/redhat
- package-manager/ubuntu
- package-manager/debian
- vendor/siemens
- canonical/siemens simatic cloud connect 7 cc712
- canonical/siemens rox
- canonical/siemens ruggedcom ape 1404 linux: all versions prior to debian 9 linux image 2019-12-13
- canonical/siemens ruggedcom rm1224 (6gk6108-4am00)
- canonical/siemens ruggedcom rx 1400 vpe debian linux: all versions prior to debian 9 linux image 2019-12-13
- canonical/siemens ruggedcom rx 1400 vpe linux cloudconnect: all versions prior to debian 9 linux image 2019-12-13 13 (only affected by cve-2019-11479)
- canonical/siemens scalance m804pb (6gk5804-0ap00-2aa2)
- canonical/siemens scalance m812-1 adsl router
- canonical/siemens scalance m816-1 adsl-router firmware
- canonical/siemens scalance m826-2 shdsl-router
- canonical/siemens scalance m874-2 (6gk5874-2aa00-2aa2)
- canonical/siemens scalance m874-3
- canonical/siemens scalance m875
- canonical/siemens scalance m876-3 (6gk5876-3aa02-2ba2)
- canonical/siemens scalance m876-3 (rok)
- canonical/siemens scalance m876-4
- canonical/siemens scalance s602
- canonical/siemens scalance s612
- canonical/siemens scalance s615 (6gk5615-0aa00-2aa2)
- canonical/siemens scalance s623
- canonical/siemens scalance s627-2m
- canonical/siemens scalance sc622-2c (6gk5622-2gs00-2ac2)
- canonical/siemens scalance sc632-2c (6gk5632-2gs00-2ac2)
- canonical/siemens scalance sc636-2c (6gk5636-2gs00-2ac2)
- canonical/siemens scalance sc642-2c (6gk5642-2gs00-2ac2)
- canonical/siemens scalance sc646-2c (6gk5646-2gs00-2ac2)
- canonical/siemens scalance w1750d firmware
- canonical/siemens scalance w-700 ieee 802.11n family
- canonical/siemens scalance w1700 ieee 802.11ac
- canonical/siemens scalance wlc711
- canonical/siemens scalance wlc712
- canonical/siemens simatic cm 1542-1 firmware
- canonical/siemens simatic cp 343-1 advanced
- vendor/linux
- canonical/linux kernel
- version/linux kernel/4.4
- version/linux kernel/4.9
- version/linux kernel/4.14
- version/linux kernel/4.19
- version/linux kernel/5.1
- vendor/f5
- canonical/f5 big-ip advanced firewall manager
- version/f5 big-ip advanced firewall manager/11.5.2
- version/f5 big-ip advanced firewall manager/12.1.0
- version/f5 big-ip advanced firewall manager/13.1.0
- version/f5 big-ip advanced firewall manager/14.0.0
- version/f5 big-ip advanced firewall manager/14.1.2
- version/f5 big-ip advanced firewall manager/15.0.0
- canonical/f5 access policy manager
- version/f5 access policy manager/11.5.2
- version/f5 access policy manager/12.1.0
- version/f5 access policy manager/13.1.0
- version/f5 access policy manager/14.0.0
- version/f5 access policy manager/14.1.2
- version/f5 access policy manager/15.0.0
- canonical/f5 big-ip application acceleration manager
- version/f5 big-ip application acceleration manager/11.5.2
- version/f5 big-ip application acceleration manager/12.1.0
- version/f5 big-ip application acceleration manager/13.1.0
- version/f5 big-ip application acceleration manager/14.0.0
- version/f5 big-ip application acceleration manager/14.1.2
- version/f5 big-ip application acceleration manager/15.0.0
- canonical/f5 big-ip
- version/f5 big-ip/11.5.2
- version/f5 big-ip/12.1.0
- version/f5 big-ip/13.1.0
- version/f5 big-ip/14.0.0
- version/f5 big-ip/14.1.2
- version/f5 big-ip/15.0.0
- canonical/f5 big-ip policy enforcement manager
- version/f5 big-ip policy enforcement manager/11.5.2
- version/f5 big-ip policy enforcement manager/12.1.0
- version/f5 big-ip policy enforcement manager/13.1.0
- version/f5 big-ip policy enforcement manager/14.0.0
- version/f5 big-ip policy enforcement manager/14.1.2
- version/f5 big-ip policy enforcement manager/15.0.0
- canonical/f5 big-ip webaccelerator
- version/f5 big-ip webaccelerator/11.5.2
- version/f5 big-ip webaccelerator/12.1.0
- version/f5 big-ip webaccelerator/13.1.0
- version/f5 big-ip webaccelerator/14.0.0
- version/f5 big-ip webaccelerator/14.1.2
- version/f5 big-ip webaccelerator/15.0.0
- canonical/f5 application security manager
- version/f5 application security manager/11.5.2
- version/f5 application security manager/12.1.0
- version/f5 application security manager/13.1.0
- version/f5 application security manager/14.0.0
- version/f5 application security manager/14.1.2
- version/f5 application security manager/15.0.0
- canonical/f5 big-ip local traffic manager
- version/f5 big-ip local traffic manager/11.5.2
- version/f5 big-ip local traffic manager/12.1.0
- version/f5 big-ip local traffic manager/13.1.0
- version/f5 big-ip local traffic manager/14.0.0
- version/f5 big-ip local traffic manager/14.1.2
- version/f5 big-ip local traffic manager/15.0.0
- canonical/f5 big-ip fraud protection services
- version/f5 big-ip fraud protection services/11.5.2
- version/f5 big-ip fraud protection services/12.1.0
- version/f5 big-ip fraud protection services/13.1.0
- version/f5 big-ip fraud protection services/14.0.0
- version/f5 big-ip fraud protection services/14.1.2
- version/f5 big-ip fraud protection services/15.0.0
- canonical/f5 big-ip global traffic manager
- version/f5 big-ip global traffic manager/11.5.2
- version/f5 big-ip global traffic manager/12.1.0
- version/f5 big-ip global traffic manager/13.1.0
- version/f5 big-ip global traffic manager/14.0.0
- version/f5 big-ip global traffic manager/14.1.2
- version/f5 big-ip global traffic manager/15.0.0
- canonical/f5 big-ip analytics
- version/f5 big-ip analytics/11.5.2
- version/f5 big-ip analytics/12.1.0
- version/f5 big-ip analytics/13.1.0
- version/f5 big-ip analytics/14.0.0
- version/f5 big-ip analytics/14.1.2
- version/f5 big-ip analytics/15.0.0
- canonical/f5 big-ip edge gateway
- version/f5 big-ip edge gateway/11.5.2
- version/f5 big-ip edge gateway/12.1.0
- version/f5 big-ip edge gateway/13.1.0
- version/f5 big-ip edge gateway/14.0.0
- version/f5 big-ip edge gateway/14.1.2
- version/f5 big-ip edge gateway/15.0.0
- canonical/f5 big-ip domain name system
- version/f5 big-ip domain name system/11.5.2
- version/f5 big-ip domain name system/12.1.0
- version/f5 big-ip domain name system/13.1.0
- version/f5 big-ip domain name system/14.0.0
- version/f5 big-ip domain name system/14.1.2
- version/f5 big-ip domain name system/15.0.0
- vendor/canonical
- canonical/ubuntu
- version/ubuntu/14.04
- version/ubuntu/16.04
- version/ubuntu/18.04
- version/ubuntu/18.10
- version/ubuntu/19.04
- vendor/redhat
- canonical/red hat enterprise linux
- version/red hat enterprise linux/7.0
- canonical/f5 big-ip and big-iq centralized management
- version/f5 big-ip and big-iq centralized management/5.1.0
- version/f5 big-ip and big-iq centralized management/5.4.0
- version/f5 big-ip and big-iq centralized management/6.0.0
- version/f5 big-ip and big-iq centralized management/6.1.0
- canonical/f5 enterprise manager
- version/f5 enterprise manager/3.1.1
- canonical/f5 iworkflow
- version/f5 iworkflow/2.3.0
- canonical/f5 traffix systems signaling delivery controller
- version/f5 traffix systems signaling delivery controller/5.0.0
- version/f5 traffix systems signaling delivery controller/5.1.0
- canonical/redhat virtualization host
- version/redhat virtualization host/4.0