Wind River Support Network


OVP8-493 : Security Advisory - Linux - CVE-2019-11478

Created: Jun 19, 2019    Updated: Nov 21, 2019
Resolved Date: Jul 16, 2019
Previous ID: LIN8-11055
Found In Version:
Severity: Standard
Applicable for: Wind River Linux 8
Component/s: Kernel


An excessive resource consumption flaw was found in the way the Linux kernel's networking subsystem processed TCP Selective Acknowledgment (SACK) segments. While processing SACK segments, the Linux kernel's socket buffer (SKB) data structure becomes fragmented, which leads to increased resource utilization to traverse and process these fragments as further SACK segments are received on the same TCP connection. A remote attacker could use this flaw to cause a denial of service (DoS) by sending a crafted sequence of SACK segments on a TCP connection.

CREATE(Triage): {Link= User=mhatle}
Live chat