7.5
CWE
400
Advisory Published
Updated

CVE-2019-18904: Migrations requests can cause DoS on rmt

First published: Fri Apr 03 2020(Updated: )

A Uncontrolled Resource Consumption vulnerability in rmt of SUSE Linux Enterprise High Performance Computing 15-ESPOS, SUSE Linux Enterprise High Performance Computing 15-LTSS, SUSE Linux Enterprise Module for Public Cloud 15-SP1, SUSE Linux Enterprise Module for Server Applications 15, SUSE Linux Enterprise Module for Server Applications 15-SP1, SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 15; openSUSE Leap 15.1 allows remote attackers to cause DoS against rmt by requesting migrations. This issue affects: SUSE Linux Enterprise High Performance Computing 15-ESPOS rmt-server versions prior to 2.5.2-3.26.1. SUSE Linux Enterprise High Performance Computing 15-LTSS rmt-server versions prior to 2.5.2-3.26.1. SUSE Linux Enterprise Module for Public Cloud 15-SP1 rmt-server versions prior to 2.5.2-3.9.1. SUSE Linux Enterprise Module for Server Applications 15 rmt-server versions prior to 2.5.2-3.26.1. SUSE Linux Enterprise Module for Server Applications 15-SP1 rmt-server versions prior to 2.5.2-3.9.1. SUSE Linux Enterprise Server 15-LTSS rmt-server versions prior to 2.5.2-3.26.1. SUSE Linux Enterprise Server for SAP 15 rmt-server versions prior to 2.5.2-3.26.1. openSUSE Leap 15.1 rmt-server versions prior to 2.5.2-lp151.2.9.1.

Credit: meissner@suse.de

Affected SoftwareAffected VersionHow to fix
Opensuse Rmt-server<=2.5.2-3.26.1
SUSE Linux Enterprise High Performance Computing=15.0
SUSE Linux Enterprise High Performance Computing=15.0
SUSE Linux Enterprise Server=15
Suse Linux Enterprise Server Ltss=15
Suse Linux Enterprise Server Sap=15
Opensuse Rmt-server<=2.5.2-3.9.1
Suse Linux Enterprise Public Cloud=15.0-sp1
SUSE Linux Enterprise Server=15-sp1
Opensuse Rmt-server<=2.5.2-lp151.2.9.1
openSUSE Leap=15.1

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Frequently Asked Questions

  • What is CVE-2019-18904?

    CVE-2019-18904 is a vulnerability in rmt of SUSE Linux Enterprise High Performance Computing, which allows uncontrolled resource consumption.

  • What is the severity of CVE-2019-18904?

    The severity of CVE-2019-18904 is high, with a severity value of 7.5.

  • What software is affected by CVE-2019-18904?

    The affected software includes SUSE Linux Enterprise High Performance Computing 15-ESPOS, SUSE Linux Enterprise High Performance Computing 15-LTSS, and SUSE Linux Enterprise Module for Public Cloud 15-SP1.

  • How can I fix CVE-2019-18904 vulnerability?

    To fix the CVE-2019-18904 vulnerability, update the rmt-server software to version 2.5.2-3.26.1 or later.

  • Where can I find more information about CVE-2019-18904?

    You can find more information about CVE-2019-18904 at the following link: [https://bugzilla.suse.com/show_bug.cgi?id=1160922](https://bugzilla.suse.com/show_bug.cgi?id=1160922)

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203