CVE-2019-11479

Home/CVE/Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. This allows a remote peer to fra

CVE

Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. This allows a remote peer to fra

Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. This allows a remote peer to fragment TCP resend queues significantly more than if a larger MSS were enforced. A remote attacker could use this to cause a denial of service.

This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commits 967c05aee439e6e5d7d805e195b3a20ef5c433d6 and 5f3e2bf008c2221478101ee72f5cb4654b9fc363.

HIGH · CVSS 7.5 EPSS 0.1336

Schedule remediation

EPSS ≥ 0.10 - elevated exploitation probability
EPSS percentile: top 6% of all CVEs by exploitation likelihood
CVSS base score ≥ 7.0

Sigma rules0 YARA rules0

⬡

Weakness Classification

CWE-405Asymmetric Resource Consumption (Amplification)

CWE-770Allocation of Resources Without Limits or Throttling

▤

Affected Products & Versions

linux kernel>= 4.4 and < 4.4.182
linux kernel>= 4.9 and < 4.9.182
linux kernel>= 4.14 and < 4.14.127
linux kernel>= 4.19 and < 4.19.52
linux kernel>= 5.1 and < 5.1.11
f5 big-ip advanced firewall manager>= 11.5.2 and < 11.6.5.1
f5 big-ip advanced firewall manager>= 12.1.0 and < 12.1.5.1
f5 big-ip advanced firewall manager>= 13.1.0 and < 13.1.3.2
Show all 60 affected productsf5 big-ip advanced firewall manager>= 14.0.0 and < 14.0.1.1
f5 big-ip advanced firewall manager>= 14.1.2 and < 14.1.2.1
f5 big-ip advanced firewall manager>= 15.0.0 and < 15.0.1.1
f5 big-ip access policy manager>= 11.5.2 and < 11.6.5.1
f5 big-ip access policy manager>= 12.1.0 and < 12.1.5.1
f5 big-ip access policy manager>= 13.1.0 and < 13.1.3.2
f5 big-ip access policy manager>= 14.0.0 and < 14.0.1.1
f5 big-ip access policy manager>= 14.1.2 and < 14.1.2.1
f5 big-ip access policy manager>= 15.0.0 and < 15.0.1.1
f5 big-ip application acceleration manager>= 11.5.2 and < 11.6.5.1
f5 big-ip application acceleration manager>= 12.1.0 and < 12.1.5.1
f5 big-ip application acceleration manager>= 13.1.0 and < 13.1.3.2
f5 big-ip application acceleration manager>= 14.0.0 and < 14.0.1.1
f5 big-ip application acceleration manager>= 14.1.2 and < 14.1.2.1
f5 big-ip application acceleration manager>= 15.0.0 and < 15.0.1.1
f5 big-ip link controller>= 11.5.2 and < 11.6.5.1
f5 big-ip link controller>= 12.1.0 and < 12.1.5.1
f5 big-ip link controller>= 13.1.0 and < 13.1.3.2
f5 big-ip link controller>= 14.0.0 and < 14.0.1.1
f5 big-ip link controller>= 14.1.2 and < 14.1.2.1
f5 big-ip link controller>= 15.0.0 and < 15.0.1.1
f5 big-ip policy enforcement manager>= 11.5.2 and < 11.6.5.1
f5 big-ip policy enforcement manager>= 12.1.0 and < 12.1.5.1
f5 big-ip policy enforcement manager>= 13.1.0 and < 13.1.3.2
f5 big-ip policy enforcement manager>= 14.0.0 and < 14.0.1.1
f5 big-ip policy enforcement manager>= 14.1.2 and < 14.1.2.1
f5 big-ip policy enforcement manager>= 15.0.0 and < 15.0.1.1
f5 big-ip webaccelerator>= 11.5.2 and < 11.6.5.1
f5 big-ip webaccelerator>= 12.1.0 and < 12.1.5.1
f5 big-ip webaccelerator>= 13.1.0 and < 13.1.3.2
f5 big-ip webaccelerator>= 14.0.0 and < 14.0.1.1
f5 big-ip webaccelerator>= 14.1.2 and < 14.1.2.1
f5 big-ip webaccelerator>= 15.0.0 and < 15.0.1.1
f5 big-ip application security manager>= 11.5.2 and < 11.6.5.1
f5 big-ip application security manager>= 12.1.0 and < 12.1.5.1
f5 big-ip application security manager>= 13.1.0 and < 13.1.3.2
f5 big-ip application security manager>= 14.0.0 and < 14.0.1.1
f5 big-ip application security manager>= 14.1.2 and < 14.1.2.1
f5 big-ip application security manager>= 15.0.0 and < 15.0.1.1
f5 big-ip local traffic manager>= 11.5.2 and < 11.6.5.1
f5 big-ip local traffic manager>= 12.1.0 and < 12.1.5.1
f5 big-ip local traffic manager>= 13.1.0 and < 13.1.3.2
f5 big-ip local traffic manager>= 14.0.0 and < 14.0.1.1
f5 big-ip local traffic manager>= 14.1.2 and < 14.1.2.1
f5 big-ip local traffic manager>= 15.0.0 and < 15.0.1.1
f5 big-ip fraud protection service>= 11.5.2 and < 11.6.5.1
f5 big-ip fraud protection service>= 12.1.0 and < 12.1.5.1
f5 big-ip fraud protection service>= 13.1.0 and < 13.1.3.2
f5 big-ip fraud protection service>= 14.0.0 and < 14.0.1.1
f5 big-ip fraud protection service>= 14.1.2 and < 14.1.2.1
f5 big-ip fraud protection service>= 15.0.0 and < 15.0.1.1
f5 big-ip global traffic manager>= 11.5.2 and < 11.6.5.1

▣

Scoring & Timeline

7.5

HIGH · CVSS v3.1 · security@ubuntu.com

View on NVD

Attack Vector

Network Adjacent Local Physical

Attack Complexity

Low High

Privileges Required

None Low High

User Interaction

None Required

Scope

Unchanged Changed

Confidentiality

None Low High

Integrity

None Low High

Availability

None Low High

Published to NVD19 Jun 2019 · 12:15 AM

CVSS VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

⚑

Vendor Advisories

suse-csafopenSUSE-SU-2024:10728-1
suse-csafopenSUSE-SU-2024:13704-1
suse-csafSUSE-SU-2019:2756-1
suse-csafSUSE-SU-2019:2430-1
siemens-csafSSA-462066
Show all 30 vendor advisoriesusnUSN-4041-2
usnUSN-4041-1
suse-csafSUSE-SU-2019:1692-1
rhsaRHSA-2019:1699Important
suse-csafopenSUSE-SU-2019:1571-1
suse-csafopenSUSE-SU-2019:1579-1
suse-csafSUSE-SU-2019:14089-1
suse-csafSUSE-SU-2019:1550-1
rhsaRHSA-2019:1486Important
rhsaRHSA-2019:1485Important
rhsaRHSA-2019:1484Important
rhsaRHSA-2019:1594Important
rhsaRHSA-2019:1483Important
rhsaRHSA-2019:1479Important
rhsaRHSA-2019:1489Important
rhsaRHSA-2019:1488Important
rhsaRHSA-2019:1487Important
rhsaRHSA-2019:1482Important
rhsaRHSA-2019:1481Important
rhsaRHSA-2019:1480Important
rhsaRHSA-2019:1490Important
rhsaRHSA-2019:1602Important
suse-csafSUSE-SU-2019:1527-1
suse-csafSUSE-SU-2019:1529-1
suse-csafSUSE-SU-2019:1530-1

🔗

References & Sources

Source URLs (vendor pages, mailing lists, write-ups). Exploit/PoC links are in their own section above to avoid duplication.

http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-010.txtThird Party Advisory

http://www.openwall.com/lists/oss-security/2019/06/28/2Mailing ListThird Party Advisory

http://www.openwall.com/lists/oss-security/2019/07/06/3Mailing ListThird Party Advisory

http://www.openwall.com/lists/oss-security/2019/07/06/4Mailing ListThird Party Advisory

http://www.securityfocus.com/bid/108818Third Party AdvisoryVDB Entry

https://access.redhat.com/security/vulnerabilities/tcpsackThird Party Advisory

Show all 25 references

https://cert-portal.siemens.com/productcert/pdf/ssa-462066.pdfThird Party Advisory

https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=5f3e2bf008c2221478101ee72f5cb4654b9fc363Mailing ListPatchVendor Advisory

https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=967c05aee439e6e5d7d805e195b3a20ef5c433d6Mailing ListPatchVendor Advisory

https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.mdPatchThird Party Advisory

https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44193Third Party Advisory

https://kc.mcafee.com/corporate/index?page=content&id=SB10287Third Party Advisory

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0008Third Party Advisory

https://security.netapp.com/advisory/ntap-20190625-0001/Third Party Advisory

https://support.f5.com/csp/article/K35421172Third Party Advisory

https://support.f5.com/csp/article/K35421172?utm_source=f5support&amp

https://usn.ubuntu.com/4041-1/Third Party Advisory

https://usn.ubuntu.com/4041-2/Third Party Advisory

https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SACKPanicMitigationThird Party Advisory

https://www.kb.cert.org/vuls/id/905115Third Party AdvisoryUS Government Resource

https://www.oracle.com/security-alerts/cpujan2020.htmlThird Party Advisory

https://www.oracle.com/security-alerts/cpuoct2020.html

https://www.synology.com/security/advisory/Synology_SA_19_28Third Party Advisory

https://www.us-cert.gov/ics/advisories/icsa-19-253-03Third Party AdvisoryUS Government Resource

https://www.us-cert.gov/ics/advisories/icsma-20-170-06Third Party AdvisoryUS Government Resource

Intelligence Graph · click any node to traverse

CVETechnique ActorTool Family

drag to reposition · click any node to traverse · button top-right enlarges

External lookups - second-class, for what we don’t hold ourselves

NVD CVE.org CISA Vulners Exploit-DB GitHub PoC VulnCheck KEV GreyNoise

Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities

Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs

Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures

Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1

About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service

threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin