CVE-2019-11477 (GCVE-0-2019-11477)
Vulnerability from cvelistv5
Published
2019-06-18 23:34
Modified
2024-09-17 02:21
CWE
  • CWE-190 - Integer Overflow or Wraparound
Summary
Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit 3b4929f65b0d8249f19a50245cd88ed1a2f78cff.
References
security@ubuntu.com http://packetstormsecurity.com/files/153346/Kernel-Live-Patch-Security-Notice-LSN-0052-1.html Third Party Advisory, VDB Entry
security@ubuntu.com http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html Third Party Advisory, VDB Entry
security@ubuntu.com http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-010.txt Third Party Advisory
security@ubuntu.com http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191225-01-kernel-en Third Party Advisory
security@ubuntu.com http://www.openwall.com/lists/oss-security/2019/06/20/3 Mailing List, Third Party Advisory
security@ubuntu.com http://www.openwall.com/lists/oss-security/2019/06/28/2 Mailing List, Third Party Advisory
security@ubuntu.com http://www.openwall.com/lists/oss-security/2019/07/06/3 Mailing List, Third Party Advisory
security@ubuntu.com http://www.openwall.com/lists/oss-security/2019/07/06/4 Mailing List, Third Party Advisory
security@ubuntu.com http://www.openwall.com/lists/oss-security/2019/10/24/1 Mailing List, Third Party Advisory
security@ubuntu.com http://www.openwall.com/lists/oss-security/2019/10/29/3 Mailing List, Third Party Advisory
security@ubuntu.com http://www.vmware.com/security/advisories/VMSA-2019-0010.html Third Party Advisory
security@ubuntu.com https://access.redhat.com/errata/RHSA-2019:1594 Third Party Advisory
security@ubuntu.com https://access.redhat.com/errata/RHSA-2019:1602 Third Party Advisory
security@ubuntu.com https://access.redhat.com/errata/RHSA-2019:1699 Third Party Advisory
security@ubuntu.com https://access.redhat.com/security/vulnerabilities/tcpsack Third Party Advisory
security@ubuntu.com https://cert-portal.siemens.com/productcert/pdf/ssa-462066.pdf Third Party Advisory
security@ubuntu.com https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=3b4929f65b0d8249f19a50245cd88ed1a2f78cff Mailing List, Patch, Vendor Advisory
security@ubuntu.com https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md Patch, Third Party Advisory
security@ubuntu.com https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44193 Third Party Advisory
security@ubuntu.com https://kc.mcafee.com/corporate/index?page=content&id=SB10287 Third Party Advisory
security@ubuntu.com https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0006 Third Party Advisory
security@ubuntu.com https://security.netapp.com/advisory/ntap-20190625-0001/ Third Party Advisory
security@ubuntu.com https://support.f5.com/csp/article/K78234183 Third Party Advisory
security@ubuntu.com https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SACKPanic Mitigation, Third Party Advisory
security@ubuntu.com https://www.kb.cert.org/vuls/id/905115 Third Party Advisory, US Government Resource
security@ubuntu.com https://www.oracle.com/security-alerts/cpujan2020.html Third Party Advisory
security@ubuntu.com https://www.oracle.com/security-alerts/cpuoct2020.html Third Party Advisory
security@ubuntu.com https://www.synology.com/security/advisory/Synology_SA_19_28 Third Party Advisory
security@ubuntu.com https://www.us-cert.gov/ics/advisories/icsa-19-253-03 Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108 http://packetstormsecurity.com/files/153346/Kernel-Live-Patch-Security-Notice-LSN-0052-1.html Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108 http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108 http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-010.txt Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191225-01-kernel-en Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 http://www.openwall.com/lists/oss-security/2019/06/20/3 Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 http://www.openwall.com/lists/oss-security/2019/06/28/2 Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 http://www.openwall.com/lists/oss-security/2019/07/06/3 Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 http://www.openwall.com/lists/oss-security/2019/07/06/4 Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 http://www.openwall.com/lists/oss-security/2019/10/24/1 Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 http://www.openwall.com/lists/oss-security/2019/10/29/3 Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 http://www.vmware.com/security/advisories/VMSA-2019-0010.html Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 https://access.redhat.com/errata/RHSA-2019:1594 Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 https://access.redhat.com/errata/RHSA-2019:1602 Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 https://access.redhat.com/errata/RHSA-2019:1699 Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 https://access.redhat.com/security/vulnerabilities/tcpsack Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 https://cert-portal.siemens.com/productcert/pdf/ssa-462066.pdf Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=3b4929f65b0d8249f19a50245cd88ed1a2f78cff Mailing List, Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44193 Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 https://kc.mcafee.com/corporate/index?page=content&id=SB10287 Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0006 Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 https://security.netapp.com/advisory/ntap-20190625-0001/ Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 https://support.f5.com/csp/article/K78234183 Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SACKPanic Mitigation, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 https://www.kb.cert.org/vuls/id/905115 Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108 https://www.oracle.com/security-alerts/cpujan2020.html Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 https://www.oracle.com/security-alerts/cpuoct2020.html Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 https://www.synology.com/security/advisory/Synology_SA_19_28 Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 https://www.us-cert.gov/ics/advisories/icsa-19-253-03 Third Party Advisory, US Government Resource
Impacted products
Vendor Product Version
Linux Linux kernel Version: 4.4   < 4.4.182
Version: 4.9   < 4.9.182
Version: 4.14   < 4.14.127
Version: 4.19   < 4.19.52
Version: 5.1   < 5.1.11
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T22:55:40.213Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "VU#905115",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "https://www.kb.cert.org/vuls/id/905115"
          },
          {
            "name": "[oss-security] 20190620 Re: Linux and FreeBSD Kernel: Multiple TCP-based remote denial of service issues",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2019/06/20/3"
          },
          {
            "name": "RHSA-2019:1594",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:1594"
          },
          {
            "name": "RHSA-2019:1602",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:1602"
          },
          {
            "name": "[oss-security] 20190628 Re: linux-distros membership application - Microsoft",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2019/06/28/2"
          },
          {
            "name": "[oss-security] 20190706 Re: linux-distros membership application - Microsoft",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2019/07/06/3"
          },
          {
            "name": "[oss-security] 20190706 Re: linux-distros membership application - Microsoft",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2019/07/06/4"
          },
          {
            "name": "RHSA-2019:1699",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:1699"
          },
          {
            "name": "[oss-security] 20191023 Membership application for linux-distros - VMware",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2019/10/24/1"
          },
          {
            "name": "[oss-security] 20191029 Re: Membership application for linux-distros - VMware",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2019/10/29/3"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpujan2020.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=3b4929f65b0d8249f19a50245cd88ed1a2f78cff"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SACKPanic"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/vulnerabilities/tcpsack"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K78234183"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/153346/Kernel-Live-Patch-Security-Notice-LSN-0052-1.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44193"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.synology.com/security/advisory/Synology_SA_19_28"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20190625-0001/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0006"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10287"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/security/advisories/VMSA-2019-0010.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-462066.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.us-cert.gov/ics/advisories/icsa-19-253-03"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191225-01-kernel-en"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-010.txt"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Linux kernel",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "4.4.182",
              "status": "affected",
              "version": "4.4",
              "versionType": "custom"
            },
            {
              "lessThan": "4.9.182",
              "status": "affected",
              "version": "4.9",
              "versionType": "custom"
            },
            {
              "lessThan": "4.14.127",
              "status": "affected",
              "version": "4.14",
              "versionType": "custom"
            },
            {
              "lessThan": "4.19.52",
              "status": "affected",
              "version": "4.19",
              "versionType": "custom"
            },
            {
              "lessThan": "5.1.11",
              "status": "affected",
              "version": "5.1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Jonathan Looney from Netflix"
        }
      ],
      "datePublic": "2019-06-17T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Jonathan Looney discovered that the TCP_SKB_CB(skb)-\u003etcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit 3b4929f65b0d8249f19a50245cd88ed1a2f78cff."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-190",
              "description": "CWE-190 Integer Overflow or Wraparound",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-20T21:14:56",
        "orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
        "shortName": "canonical"
      },
      "references": [
        {
          "name": "VU#905115",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "https://www.kb.cert.org/vuls/id/905115"
        },
        {
          "name": "[oss-security] 20190620 Re: Linux and FreeBSD Kernel: Multiple TCP-based remote denial of service issues",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2019/06/20/3"
        },
        {
          "name": "RHSA-2019:1594",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:1594"
        },
        {
          "name": "RHSA-2019:1602",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:1602"
        },
        {
          "name": "[oss-security] 20190628 Re: linux-distros membership application - Microsoft",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2019/06/28/2"
        },
        {
          "name": "[oss-security] 20190706 Re: linux-distros membership application - Microsoft",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2019/07/06/3"
        },
        {
          "name": "[oss-security] 20190706 Re: linux-distros membership application - Microsoft",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2019/07/06/4"
        },
        {
          "name": "RHSA-2019:1699",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:1699"
        },
        {
          "name": "[oss-security] 20191023 Membership application for linux-distros - VMware",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2019/10/24/1"
        },
        {
          "name": "[oss-security] 20191029 Re: Membership application for linux-distros - VMware",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2019/10/29/3"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpujan2020.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=3b4929f65b0d8249f19a50245cd88ed1a2f78cff"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SACKPanic"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://access.redhat.com/security/vulnerabilities/tcpsack"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/csp/article/K78234183"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/153346/Kernel-Live-Patch-Security-Notice-LSN-0052-1.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44193"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.synology.com/security/advisory/Synology_SA_19_28"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.netapp.com/advisory/ntap-20190625-0001/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0006"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10287"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/security/advisories/VMSA-2019-0010.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-462066.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.us-cert.gov/ics/advisories/icsa-19-253-03"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191225-01-kernel-en"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-010.txt"
        }
      ],
      "source": {
        "advisory": "https://usn.ubuntu.com/4017-1",
        "defect": [
          "https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1831637"
        ],
        "discovery": "UNKNOWN"
      },
      "title": "Integer overflow in TCP_SKB_CB(skb)-\u003etcp_gso_segs",
      "x_generator": {
        "engine": "Vulnogram 0.0.7"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "AKA": "SACK Panic",
          "ASSIGNER": "security@ubuntu.com",
          "DATE_PUBLIC": "2019-06-17T00:00:00.000Z",
          "ID": "CVE-2019-11477",
          "STATE": "PUBLIC",
          "TITLE": "Integer overflow in TCP_SKB_CB(skb)-\u003etcp_gso_segs"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Linux kernel",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "4.4",
                            "version_value": "4.4.182"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "4.9",
                            "version_value": "4.9.182"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "4.14",
                            "version_value": "4.14.127"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "4.19",
                            "version_value": "4.19.52"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "5.1",
                            "version_value": "5.1.11"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Linux"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Jonathan Looney from Netflix"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Jonathan Looney discovered that the TCP_SKB_CB(skb)-\u003etcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit 3b4929f65b0d8249f19a50245cd88ed1a2f78cff."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.7"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-190 Integer Overflow or Wraparound"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "VU#905115",
              "refsource": "CERT-VN",
              "url": "https://www.kb.cert.org/vuls/id/905115"
            },
            {
              "name": "[oss-security] 20190620 Re: Linux and FreeBSD Kernel: Multiple TCP-based remote denial of service issues",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2019/06/20/3"
            },
            {
              "name": "RHSA-2019:1594",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:1594"
            },
            {
              "name": "RHSA-2019:1602",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:1602"
            },
            {
              "name": "[oss-security] 20190628 Re: linux-distros membership application - Microsoft",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2019/06/28/2"
            },
            {
              "name": "[oss-security] 20190706 Re: linux-distros membership application - Microsoft",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2019/07/06/3"
            },
            {
              "name": "[oss-security] 20190706 Re: linux-distros membership application - Microsoft",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2019/07/06/4"
            },
            {
              "name": "RHSA-2019:1699",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:1699"
            },
            {
              "name": "[oss-security] 20191023 Membership application for linux-distros - VMware",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2019/10/24/1"
            },
            {
              "name": "[oss-security] 20191029 Re: Membership application for linux-distros - VMware",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2019/10/29/3"
            },
            {
              "name": "https://www.oracle.com/security-alerts/cpujan2020.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com/security-alerts/cpujan2020.html"
            },
            {
              "name": "https://www.oracle.com/security-alerts/cpuoct2020.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
            },
            {
              "name": "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=3b4929f65b0d8249f19a50245cd88ed1a2f78cff",
              "refsource": "MISC",
              "url": "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=3b4929f65b0d8249f19a50245cd88ed1a2f78cff"
            },
            {
              "name": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md",
              "refsource": "MISC",
              "url": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md"
            },
            {
              "name": "https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SACKPanic",
              "refsource": "MISC",
              "url": "https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SACKPanic"
            },
            {
              "name": "https://access.redhat.com/security/vulnerabilities/tcpsack",
              "refsource": "MISC",
              "url": "https://access.redhat.com/security/vulnerabilities/tcpsack"
            },
            {
              "name": "https://support.f5.com/csp/article/K78234183",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/csp/article/K78234183"
            },
            {
              "name": "http://packetstormsecurity.com/files/153346/Kernel-Live-Patch-Security-Notice-LSN-0052-1.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/153346/Kernel-Live-Patch-Security-Notice-LSN-0052-1.html"
            },
            {
              "name": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44193",
              "refsource": "CONFIRM",
              "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44193"
            },
            {
              "name": "https://www.synology.com/security/advisory/Synology_SA_19_28",
              "refsource": "CONFIRM",
              "url": "https://www.synology.com/security/advisory/Synology_SA_19_28"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20190625-0001/",
              "refsource": "CONFIRM",
              "url": "https://security.netapp.com/advisory/ntap-20190625-0001/"
            },
            {
              "name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0006",
              "refsource": "CONFIRM",
              "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0006"
            },
            {
              "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10287",
              "refsource": "CONFIRM",
              "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10287"
            },
            {
              "name": "http://www.vmware.com/security/advisories/VMSA-2019-0010.html",
              "refsource": "CONFIRM",
              "url": "http://www.vmware.com/security/advisories/VMSA-2019-0010.html"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-462066.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-462066.pdf"
            },
            {
              "name": "https://www.us-cert.gov/ics/advisories/icsa-19-253-03",
              "refsource": "MISC",
              "url": "https://www.us-cert.gov/ics/advisories/icsa-19-253-03"
            },
            {
              "name": "http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html"
            },
            {
              "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191225-01-kernel-en",
              "refsource": "CONFIRM",
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191225-01-kernel-en"
            },
            {
              "name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-010.txt",
              "refsource": "CONFIRM",
              "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-010.txt"
            }
          ]
        },
        "source": {
          "advisory": "https://usn.ubuntu.com/4017-1",
          "defect": [
            "https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1831637"
          ],
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
    "assignerShortName": "canonical",
    "cveId": "CVE-2019-11477",
    "datePublished": "2019-06-18T23:34:51.026970Z",
    "dateReserved": "2019-04-23T00:00:00",
    "dateUpdated": "2024-09-17T02:21:15.995Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2019-11477\",\"sourceIdentifier\":\"security@ubuntu.com\",\"published\":\"2019-06-19T00:15:12.640\",\"lastModified\":\"2024-11-21T04:21:09.480\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Jonathan Looney discovered that the TCP_SKB_CB(skb)-\u003etcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit 3b4929f65b0d8249f19a50245cd88ed1a2f78cff.\"},{\"lang\":\"es\",\"value\":\"Jonathan Looney detect\u00f3 que el valor TCP_SKB_CB(skb)-mayor que tcp_gso_segs estuvo sujeto a un desbordamiento de enteros en el kernel de Linux durante el manejo del Reconocimiento Selectivo (SACK) de TCP. Un atacante remoto podr\u00eda usar esto para causar una denegaci\u00f3n de servicio. Esto se ha corregido en versiones de kernel estables 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, y se corrige en el commit 3b4929f65b0d8249f19a50245cd88ed1a2f78cff.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV30\":[{\"source\":\"security@ubuntu.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:C\",\"baseScore\":7.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"security@ubuntu.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-190\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-190\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.6.29\",\"versionEndExcluding\":\"3.16.69\",\"matchCriteriaId\":\"190D94DD-9CDB-413B-9A15-BFBDB1BB127C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.17\",\"versionEndExcluding\":\"4.4.182\",\"matchCriteriaId\":\"D641CA66-86A4-4172-9D98-206C31578C5E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.5\",\"versionEndExcluding\":\"4.9.182\",\"matchCriteriaId\":\"966342A3-015F-4BCC-A513-335362A79A26\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.10\",\"versionEndExcluding\":\"4.14.127\",\"matchCriteriaId\":\"1A632572-BC71-422E-B953-346709BA1658\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.15\",\"versionEndExcluding\":\"4.19.52\",\"matchCriteriaId\":\"C91C6131-9445-46E6-960B-76E8A34DC7E4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.20\",\"versionEndExcluding\":\"5.1.11\",\"matchCriteriaId\":\"E0E372D7-8DD5-45E7-9C26-CF389B1A09A5\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.5.2\",\"versionEndIncluding\":\"11.6.4\",\"matchCriteriaId\":\"33AF102E-2851-45B5-8C71-B393F34D4591\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"12.1.0\",\"versionEndIncluding\":\"12.1.4\",\"matchCriteriaId\":\"5E4EA2A9-C197-40D4-A6AE-A64D69536F99\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.1\",\"matchCriteriaId\":\"5A3215E6-7223-4AF1-BFD3-BD8AE9B6B572\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.0.0\",\"versionEndIncluding\":\"14.1.0\",\"matchCriteriaId\":\"720A06E3-441B-4D51-8FC0-D569DD7FEB10\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:15.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6FF1C75A-F753-40CB-9E26-DA6D31931DDC\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.5.2\",\"versionEndIncluding\":\"11.6.4\",\"matchCriteriaId\":\"A057B236-8B7C-430D-B107-8FF96D132E73\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"12.1.0\",\"versionEndIncluding\":\"12.1.4\",\"matchCriteriaId\":\"2D7877E8-E50F-4DC6-867D-C19A8DB533E3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.1\",\"matchCriteriaId\":\"899BE6FE-B23F-4236-8A5E-B41AFF28E533\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.0.0\",\"versionEndIncluding\":\"14.1.0\",\"matchCriteriaId\":\"BEBAD7C4-AC37-463F-B63C-6EAD5542F2A0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:15.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C046FBE7-DCCD-40FE-AC1F-4DAD11D2E0AC\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.5.2\",\"versionEndIncluding\":\"11.6.4\",\"matchCriteriaId\":\"66FC8C37-629D-4FBA-9C79-615BDDCF7837\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"12.1.0\",\"versionEndIncluding\":\"12.1.4\",\"matchCriteriaId\":\"66FCB095-3E70-472A-AB9D-60F001F3A539\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.1\",\"matchCriteriaId\":\"FA39C4F5-4D97-4B0B-8DA9-780F7ACF0A74\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.0.0\",\"versionEndIncluding\":\"14.1.0\",\"matchCriteriaId\":\"D2833083-97E9-4B3C-8E6B-BCAC1851D148\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_acceleration_manager:15.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8C7C45A-CC14-4092-903C-3001986D2859\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.5.2\",\"versionEndIncluding\":\"11.6.4\",\"matchCriteriaId\":\"42EBAE78-C03E-42C9-AC2D-D654A8DF8516\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"12.1.0\",\"versionEndIncluding\":\"12.1.4\",\"matchCriteriaId\":\"75D817B1-EC06-4180-B272-067299818B09\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.1\",\"matchCriteriaId\":\"0E3A4646-9AAA-445E-A08F-226D41485DC2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.0.0\",\"versionEndIncluding\":\"14.1.0\",\"matchCriteriaId\":\"09C950E6-BF12-43D4-9125-AD9D90EDD67A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_link_controller:15.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1A99DC2F-BFC7-4FEA-87DF-5E9DF428F2D3\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.5.2\",\"versionEndIncluding\":\"11.6.4\",\"matchCriteriaId\":\"255D11E3-F502-45CD-8958-5989F179574E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"12.1.0\",\"versionEndIncluding\":\"12.1.4\",\"matchCriteriaId\":\"E72B035F-97C1-41C6-B424-F3929B9D7A99\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.1\",\"matchCriteriaId\":\"E058E775-EAAA-46DF-9F3D-A8D042AAFD88\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.0.0\",\"versionEndIncluding\":\"14.1.0\",\"matchCriteriaId\":\"9AD3B4BB-7F5C-4565-9345-2D4895630AAD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:15.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B872A0D5-9B23-40F2-8AAB-253A4F406D18\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.5.2\",\"versionEndIncluding\":\"11.6.4\",\"matchCriteriaId\":\"10A57948-C53A-4CD0-801B-7E801D08E112\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"12.1.0\",\"versionEndIncluding\":\"12.1.4\",\"matchCriteriaId\":\"F367EED9-1F71-4720-BE53-3074FF6049C9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.1\",\"matchCriteriaId\":\"20BF15AA-1183-489E-A24A-FFB5BFD84664\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.0.0\",\"versionEndIncluding\":\"14.1.0\",\"matchCriteriaId\":\"83B684D2-5889-41EA-B54A-8E7AF43DA647\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_webaccelerator:15.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"45D0AF1B-9106-4C38-B1A2-87FC189ADBAB\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.5.2\",\"versionEndIncluding\":\"11.6.4\",\"matchCriteriaId\":\"8E4A258E-4F20-4C3C-8269-CD7554539EC6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"12.1.0\",\"versionEndIncluding\":\"12.1.4\",\"matchCriteriaId\":\"1A5E9908-C959-48FD-8FAC-C0FE329E6FD8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.1\",\"matchCriteriaId\":\"442A56A6-935D-427A-8562-144DD770E317\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.0.0\",\"versionEndIncluding\":\"14.1.0\",\"matchCriteriaId\":\"6434ED4F-0BA2-445A-B6E9-D3E301EE3930\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_security_manager:15.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C2A9F32-FF72-44AA-AA1A-5B09E8E57E24\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.5.2\",\"versionEndIncluding\":\"11.6.4\",\"matchCriteriaId\":\"1DA668DC-EFB6-44C3-8521-47BB9F474DD1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"12.1.0\",\"versionEndIncluding\":\"12.1.4\",\"matchCriteriaId\":\"C23EFF81-0FF4-4B4A-BAC3-85EC62230099\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.1\",\"matchCriteriaId\":\"24AB3C9F-77E5-4D87-A9C1-366B087E7F68\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.0.0\",\"versionEndIncluding\":\"14.1.0\",\"matchCriteriaId\":\"D17CC587-3325-4D95-BE63-B948C63B411D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_local_traffic_manager:15.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6FB6D7D8-2688-48A2-8E3E-341881EF0B4C\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.5.2\",\"versionEndIncluding\":\"11.6.4\",\"matchCriteriaId\":\"24904D5C-58FF-49B0-B598-F798BAD110E6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"12.1.0\",\"versionEndIncluding\":\"12.1.4\",\"matchCriteriaId\":\"DE11CCA1-58BF-462E-A0DE-49F3BC1C5499\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.1\",\"matchCriteriaId\":\"639FCD86-C487-40DD-9840-8931FAF5DF3A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.0.0\",\"versionEndIncluding\":\"14.1.0\",\"matchCriteriaId\":\"1117B40B-36E7-4205-82B0-52B4862A6D03\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_fraud_protection_service:15.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"12F0D363-0DE8-4E32-9187-D7ACA0868BD8\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.5.2\",\"versionEndIncluding\":\"11.6.4\",\"matchCriteriaId\":\"DB112ABE-C07E-480F-8042-6321E602183D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"12.1.0\",\"versionEndIncluding\":\"12.1.4\",\"matchCriteriaId\":\"9A751827-1169-408E-BCE6-A129BDDB489D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.1\",\"matchCriteriaId\":\"428C4BEA-AFDA-45EC-9D5F-DDF409461C33\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.0.0\",\"versionEndIncluding\":\"14.1.0\",\"matchCriteriaId\":\"717C0443-3E88-4814-8D4A-F0C067176228\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_global_traffic_manager:15.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C3879431-2E02-4B6C-BB4F-C2FF631A0974\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.5.2\",\"versionEndIncluding\":\"11.6.4\",\"matchCriteriaId\":\"7865E258-CDA0-43A5-9945-81E07BF11A82\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"12.1.0\",\"versionEndIncluding\":\"12.1.4\",\"matchCriteriaId\":\"CAECED76-81A2-4A0C-8C2E-24C235BB32DE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.1\",\"matchCriteriaId\":\"BDC38EF1-6210-40A1-88FC-964C470E41BA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.0.0\",\"versionEndIncluding\":\"14.1.0\",\"matchCriteriaId\":\"713EB3E7-A657-4F6A-901D-618AF660CBBC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_analytics:15.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EACA0835-51AD-4AC0-8C87-5564F3A821CD\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.5.2\",\"versionEndIncluding\":\"11.6.4\",\"matchCriteriaId\":\"B572C267-AF06-4270-8FDC-18EBDDED7879\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"12.1.0\",\"versionEndIncluding\":\"12.1.4\",\"matchCriteriaId\":\"88B12CA1-E853-4898-8A06-F991BE19A27A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.1\",\"matchCriteriaId\":\"4C98DCCF-2D89-4C05-A0AE-60CF8228B860\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.0.0\",\"versionEndIncluding\":\"14.1.0\",\"matchCriteriaId\":\"B439DE9D-6A09-4487-82A4-E75A57717CAB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_edge_gateway:15.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA4F1CFB-0FD9-4AEB-BF25-093115F9D891\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.5.2\",\"versionEndIncluding\":\"11.6.4\",\"matchCriteriaId\":\"19428E8B-18C2-413A-A3C0-AC6AB9F952F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"12.1.0\",\"versionEndIncluding\":\"12.1.4\",\"matchCriteriaId\":\"6166E0DB-2BA5-454D-ABBC-9E4916436A44\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.1\",\"matchCriteriaId\":\"F42F4AF6-4BCC-497E-A889-0BBCA965CB32\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.0.0\",\"versionEndIncluding\":\"14.1.0\",\"matchCriteriaId\":\"AEC2164D-11D0-4DCD-B814-6AB185C3BADF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_domain_name_system:15.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AA4AE425-1D86-4DB9-8B8F-74C6678BD528\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*\",\"matchCriteriaId\":\"8D305F7A-D159-4716-AB26-5E38BB5CD991\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*\",\"matchCriteriaId\":\"815D70A8-47D3-459C-A32C-9FEACA0659D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07C312A0-CD2C-4B9C-B064-6409B25C278F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD783B0C-9246-47D9-A937-6144FE8BFF0F\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:enterprise_linux_atomic_host:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF483911-003B-470B-A12B-85EF34A50469\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1D8B549B-E57B-4DFE-8A13-CAB06B5356B3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"142AD0DD-4CF3-4D74-9442-459CE3347E3A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4CFF558-3C47-480D-A2F0-BABF26042943\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_aus:6.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"79191794-6151-46E9-AAFD-3EC0C05B03B1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_aus:6.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"893A7EE9-495D-405A-B809-39DC80778B2A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F96E3779-F56A-45FF-BB3D-4980527D721E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0CF73560-2F5B-4723-A8A1-9AADBB3ADA00\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_mrg:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C60FA8B1-1802-4522-A088-22171DCF7A93\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:connect_secure:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"97D046F5-FF1A-41A7-8EDE-2C93E335906E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pulsesecure:pulse_policy_secure:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C1C8792C-1CF0-450B-A8BD-2B5274156053\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pulsesecure:pulse_secure_virtual_application_delivery_controller:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B3CCBFDE-C2FA-40E3-AA44-0EB0A6861BD4\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:traffix_signaling_delivery_controller:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.0.0\",\"versionEndIncluding\":\"5.1.0\",\"matchCriteriaId\":\"4E52F91D-3F39-4D89-8069-EC422FB1F700\"}]}]}],\"references\":[{\"url\":\"http://packetstormsecurity.com/files/153346/Kernel-Live-Patch-Security-Notice-LSN-0052-1.html\",\"source\":\"security@ubuntu.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html\",\"source\":\"security@ubuntu.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-010.txt\",\"source\":\"security@ubuntu.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191225-01-kernel-en\",\"source\":\"security@ubuntu.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2019/06/20/3\",\"source\":\"security@ubuntu.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2019/06/28/2\",\"source\":\"security@ubuntu.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2019/07/06/3\",\"source\":\"security@ubuntu.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2019/07/06/4\",\"source\":\"security@ubuntu.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2019/10/24/1\",\"source\":\"security@ubuntu.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2019/10/29/3\",\"source\":\"security@ubuntu.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.vmware.com/security/advisories/VMSA-2019-0010.html\",\"source\":\"security@ubuntu.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:1594\",\"source\":\"security@ubuntu.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:1602\",\"source\":\"security@ubuntu.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:1699\",\"source\":\"security@ubuntu.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/security/vulnerabilities/tcpsack\",\"source\":\"security@ubuntu.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-462066.pdf\",\"source\":\"security@ubuntu.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=3b4929f65b0d8249f19a50245cd88ed1a2f78cff\",\"source\":\"security@ubuntu.com\",\"tags\":[\"Mailing List\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md\",\"source\":\"security@ubuntu.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44193\",\"source\":\"security@ubuntu.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10287\",\"source\":\"security@ubuntu.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0006\",\"source\":\"security@ubuntu.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20190625-0001/\",\"source\":\"security@ubuntu.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.f5.com/csp/article/K78234183\",\"source\":\"security@ubuntu.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SACKPanic\",\"source\":\"security@ubuntu.com\",\"tags\":[\"Mitigation\",\"Third Party Advisory\"]},{\"url\":\"https://www.kb.cert.org/vuls/id/905115\",\"source\":\"security@ubuntu.com\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2020.html\",\"source\":\"security@ubuntu.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuoct2020.html\",\"source\":\"security@ubuntu.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.synology.com/security/advisory/Synology_SA_19_28\",\"source\":\"security@ubuntu.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.us-cert.gov/ics/advisories/icsa-19-253-03\",\"source\":\"security@ubuntu.com\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://packetstormsecurity.com/files/153346/Kernel-Live-Patch-Security-Notice-LSN-0052-1.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-010.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191225-01-kernel-en\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2019/06/20/3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2019/06/28/2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2019/07/06/3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2019/07/06/4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2019/10/24/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2019/10/29/3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.vmware.com/security/advisories/VMSA-2019-0010.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:1594\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:1602\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:1699\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/security/vulnerabilities/tcpsack\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-462066.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=3b4929f65b0d8249f19a50245cd88ed1a2f78cff\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44193\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10287\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0006\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20190625-0001/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.f5.com/csp/article/K78234183\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SACKPanic\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mitigation\",\"Third Party Advisory\"]},{\"url\":\"https://www.kb.cert.org/vuls/id/905115\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2020.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuoct2020.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.synology.com/security/advisory/Synology_SA_19_28\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.us-cert.gov/ics/advisories/icsa-19-253-03\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.


Loading…

Loading…