CVE-2019-18805
CVSS v3.1
9.8 (Critical)
CVSS v2.0
7.5 (High)
EPSS
0.70 % (81th)
Affected Products
22
Advisories
17
An issue was discovered in net/ipv4/sysctl_net_ipv4.c in the Linux kernel before 5.0.11. There is a net/ipv4/tcp_input.c signed integer overflow in tcp_ack_update_rtt() when userspace writes a very large integer to /proc/sys/net/ipv4/tcp_min_rtt_wlen, leading to a denial of service or possibly unspecified other impact, aka CID-19fad20d15a6.
Weaknesses
- CWE-190
- Integer Overflow or Wraparound
- CVE Status
- PUBLISHED
- CNA
- MITRE
- Published Date
-
2019-11-07 14:15:11
(4 years ago) - Updated Date
-
2021-06-22 14:47:56
(3 years ago)
Affected Products
- Active Iq Unified Manager
- Data Availability Services
- E-series Santricity Os Controller
- Hci Management Node
- Solidfire
- Steelstore Cloud Integrated Storage
- Aff A400
- Aff A700s
- Fas8300
- Fas8700
- H610s
- Hci Compute Node
- Hci Storage Node
- Aff A400 Firmware
- Aff A700s Firmware
- Fas8300 Firmware
- Fas8700 Firmware
- H610s Firmware
Loading...
Loading...
Loading...
Configuration #1
AND |
|
---|
Configuration #2
AND |
|
---|
Configuration #3
AND |
|
---|
Configuration #4
AND |
|
---|
Configuration #5
AND |
|
---|
Configuration #6
AND |
|
---|
Configuration #7
AND |
|
---|
Configuration #8
AND |
|
---|
Configuration #9
AND |
|
---|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...