CVE-2019-18805

CVSS v3.1 9.8 (Critical)

CVSS v2.0 7.5 (High)

EPSS 0.70 % (81^th)

Affected Products 22

Advisories 17

An issue was discovered in net/ipv4/sysctl_net_ipv4.c in the Linux kernel before 5.0.11. There is a net/ipv4/tcp_input.c signed integer overflow in tcp_ack_update_rtt() when userspace writes a very large integer to /proc/sys/net/ipv4/tcp_min_rtt_wlen, leading to a denial of service or possibly unspecified other impact, aka CID-19fad20d15a6.

Weaknesses

CWE-190: Integer Overflow or Wraparound

CVE Status: PUBLISHED
CNA: MITRE
Published Date: 2019-11-07 14:15:11
(4 years ago)
Updated Date: 2021-06-22 14:47:56
(3 years ago)

Affected Products

Broadcom

Fabric Operating System

Linux

Linux Kernel

Netapp

Opensuse

Leap

Redhat

Enterprise Linux

Configuration #1

AND

		CPE23	From	Up To
OR
	Linux Kernel from 4.4 version and prior 4.4.180 version	cpe:2.3:o:linux:linux_kernel	>= 4.4	< 4.4.180
OR
	Running on/with
	Linux Kernel from 4.9 version and prior 4.9.172 version	cpe:2.3:o:linux:linux_kernel	>= 4.9	< 4.9.172
OR
	Running on/with
	Linux Kernel from 4.14 version and prior 4.14.115 version	cpe:2.3:o:linux:linux_kernel	>= 4.14	< 4.14.115
OR
	Running on/with
	Linux Kernel from 4.19 version and prior 4.19.38 version	cpe:2.3:o:linux:linux_kernel	>= 4.19	< 4.19.38
OR
	Running on/with
	Linux Kernel from 5.0 version and prior 5.0.11 version	cpe:2.3:o:linux:linux_kernel	>= 5.0	< 5.0.11
OR
	Running on/with
	Linux Kernel 5.1 Rc1	cpe:2.3:o:linux:linux_kernel:5.1:rc1
OR
	Running on/with
	Linux Kernel 5.1 Rc2	cpe:2.3:o:linux:linux_kernel:5.1:rc2
OR
	Running on/with
	Linux Kernel 5.1 Rc3	cpe:2.3:o:linux:linux_kernel:5.1:rc3
OR
	Running on/with
	Linux Kernel 5.1 Rc4	cpe:2.3:o:linux:linux_kernel:5.1:rc4
OR
	Running on/with
	Linux Kernel 5.1 Rc5	cpe:2.3:o:linux:linux_kernel:5.1:rc5
OR
	Running on/with
	Linux Kernel 5.1 Rc6	cpe:2.3:o:linux:linux_kernel:5.1:rc6
OR
	Running on/with
	Linux Kernel 5.1 Rc7	cpe:2.3:o:linux:linux_kernel:5.1:rc7

Configuration #2

AND

		CPE23
OR
	Opensuse Leap 15.0	cpe:2.3:o:opensuse:leap:15.0
OR
	Running on/with
	Opensuse Leap 15.1	cpe:2.3:o:opensuse:leap:15.1

Configuration #3

AND

		CPE23	From	Up To
OR
	Redhat Enterprise Linux 7.0	cpe:2.3:o:redhat:enterprise_linux:7.0

Configuration #4

AND

		CPE23	From	Up To
OR
	Netapp Active Iq Unified Manager for Vmware Vsphere	cpe:2.3:a:netapp:active_iq_unified_manager:-:::::vmware_vsphere
OR
	Running on/with
	Netapp Data Availability Services	cpe:2.3:a:netapp:data_availability_services:-
OR
	Running on/with
	Netapp E-series Santricity Os Controller from 11.0.0 version and 11.60.3 and prior versions	cpe:2.3:a:netapp:e-series_santricity_os_controller	>= 11.0.0	<= 11.60.3
OR
	Running on/with
	Netapp Hci Management Node	cpe:2.3:a:netapp:hci_management_node:-
OR
	Running on/with
	Netapp Solidfire	cpe:2.3:a:netapp:solidfire:-
OR
	Running on/with
	Netapp Steelstore Cloud Integrated Storage	cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-
OR
	Running on/with
	Netapp Hci Compute Node	cpe:2.3:h:netapp:hci_compute_node:-
OR
	Running on/with
	Netapp Hci Storage Node	cpe:2.3:h:netapp:hci_storage_node:-
OR
	Running on/with
	Broadcom Fabric Operating System	cpe:2.3:o:broadcom:fabric_operating_system:-

Configuration #5

AND

		CPE23
OR
	Netapp Aff A700s Firmware	cpe:2.3:o:netapp:aff_a700s_firmware:-
OR
	Running on/with
	Netapp Aff A700s	cpe:2.3:h:netapp:aff_a700s:-

Configuration #6

AND

		CPE23
OR
	Netapp Fas8300 Firmware	cpe:2.3:o:netapp:fas8300_firmware:-
OR
	Running on/with
	Netapp Fas8300	cpe:2.3:h:netapp:fas8300:-

Configuration #7

AND

		CPE23
OR
	Netapp Fas8700 Firmware	cpe:2.3:o:netapp:fas8700_firmware:-
OR
	Running on/with
	Netapp Fas8700	cpe:2.3:h:netapp:fas8700:-

Configuration #8

AND

		CPE23
OR
	Netapp Aff A400 Firmware	cpe:2.3:o:netapp:aff_a400_firmware:-
OR
	Running on/with
	Netapp Aff A400	cpe:2.3:h:netapp:aff_a400:-

Configuration #9

AND

		CPE23
OR
	Netapp H610s Firmware	cpe:2.3:o:netapp:h610s_firmware:-
OR
	Running on/with
	Netapp H610s	cpe:2.3:h:netapp:h610s:-