Fixed
Created: Jun 19, 2019
Updated: Aug 15, 2019
Resolved Date: Jul 16, 2019
Found In Version: 10.17.41.1
Fix Version: 10.17.41.17
Severity: Standard
Applicable for: Wind River Linux LTS 17
Component/s: Kernel
An excessive resource consumption flaw was found in the way the Linux kernel's networking subsystem processed TCP segments. If the Maximum Segment Size (MSS) of a TCP connection was set to low values, such as 48 bytes, it can leave as little as 8 bytes for the user data, which significantly increases the Linux kernel's resource (CPU, Memory, and Bandwidth) utilization. A remote attacker could use this flaw to cause a denial of service (DoS) by repeatedly sending network traffic on a TCP connection with low TCP MSS.
CREATE(Triage): {Link=https://nvd.nist.gov/vuln/detail/CVE-2019-11479 User=mhatle}
