CVE-2019-18805

Published: Nov 7, 2019Modified: Nov 21, 2024

9.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

An issue was discovered in net/ipv4/sysctl_net_ipv4.c in the Linux kernel before 5.0.11. There is a net/ipv4/tcp_input.c signed integer overflow in tcp_ack_update_rtt() when userspace writes a very large integer to /proc/sys/net/ipv4/tcp_min_rtt_wlen, leading to a denial of service or possibly unspecified other impact, aka CID-19fad20d15a6.

Affected (29)

Products: Linux: Linux Kernel · Opensuse: Leap · Redhat: Enterprise Linux · +2 more

Show all products

1 product

1 product

1 product

Enterprise Linux

1 product

Fabric Operating System

13 products

Active Iq Unified Manager

Data Availability Services

E Series Santricity Os Controller

Hci Compute Node

Hci Management Node

Hci Storage Node

Steelstore Cloud Integrated Storage

Aff A700s Firmware

Fas8300 Firmware

Fas8700 Firmware

Aff A400 Firmware

Configuration A

12 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	From 4.14 to 4.14.115
Linux Linux Kernel	From 4.19 to 4.19.38
Linux Linux Kernel	From 4.4 to 4.4.180
Linux Linux Kernel	From 4.9 to 4.9.172
Linux Linux Kernel	From 5.0 to 5.0.11
Linux Linux Kernel	Version 5.1 rc1
Linux Linux Kernel	Version 5.1 rc2
Linux Linux Kernel	Version 5.1 rc3
Linux Linux Kernel	Version 5.1 rc4
Linux Linux Kernel	Version 5.1 rc5
Linux Linux Kernel	Version 5.1 rc6
Linux Linux Kernel	Version 5.1 rc7

Configuration B

2 vulnerable

Vulnerable Software	Affected Versions
Opensuse Leap	Version 15.0
Opensuse Leap	Version 15.1

Configuration C

1 vulnerable

Vulnerable Software	Affected Versions
Redhat Enterprise Linux	Version 7.0

Configuration D

9 vulnerable

Vulnerable Software	Affected Versions
Broadcom Fabric Operating System	All versions
Netapp Active Iq Unified Manager	All versions
Netapp Data Availability Services	All versions
Netapp E Series Santricity Os Controller	From 11.0.0 to 11.60.3
Netapp Hci Compute Node	All versions
Netapp Hci Management Node	All versions
Netapp Hci Storage Node	All versions
Netapp Solidfire	All versions
Netapp Steelstore Cloud Integrated Storage	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netapp Aff A700s Firmware	All versions

Running on/with	Platform Versions
Netapp Aff A700s	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netapp Fas8300 Firmware	All versions

Running on/with	Platform Versions
Netapp Fas8300	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netapp Fas8700 Firmware	All versions

Running on/with	Platform Versions
Netapp Fas8700	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netapp Aff A400 Firmware	All versions

Running on/with	Platform Versions
Netapp Aff A400	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netapp H610s Firmware	All versions

Running on/with	Platform Versions
Netapp H610s	All versions

Related CWEs

Integer Overflow or Wraparound

The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.

References (12)

http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00035.html

Source: cve@mitre.org

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00039.html

Source: cve@mitre.org

Mailing ListThird Party Advisory

https://access.redhat.com/errata/RHSA-2020:0740

Source: cve@mitre.org

Third Party Advisory

https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.11

Source: cve@mitre.org

Mailing ListPatchVendor Advisory

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=19fad20d15a6494f47f85d869f00b11343ee5c78

Source: cve@mitre.org

Mailing ListPatchVendor Advisory

https://security.netapp.com/advisory/ntap-20191205-0001/

Source: cve@mitre.org

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00035.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00039.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

https://access.redhat.com/errata/RHSA-2020:0740

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.11

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListPatchVendor Advisory

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=19fad20d15a6494f47f85d869f00b11343ee5c78

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListPatchVendor Advisory

https://security.netapp.com/advisory/ntap-20191205-0001/

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.