CVE-2019-11477
Vulnerability from cvelistv5
Published
2019-06-18 23:34
Modified
2024-09-17 02:21
Summary
Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit 3b4929f65b0d8249f19a50245cd88ed1a2f78cff.
References
security@ubuntu.comhttp://packetstormsecurity.com/files/153346/Kernel-Live-Patch-Security-Notice-LSN-0052-1.htmlThird Party Advisory, VDB Entry
security@ubuntu.comhttp://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.htmlThird Party Advisory, VDB Entry
security@ubuntu.comhttp://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-010.txtThird Party Advisory
security@ubuntu.comhttp://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191225-01-kernel-enThird Party Advisory
security@ubuntu.comhttp://www.openwall.com/lists/oss-security/2019/06/20/3Mailing List, Third Party Advisory
security@ubuntu.comhttp://www.openwall.com/lists/oss-security/2019/06/28/2Mailing List, Third Party Advisory
security@ubuntu.comhttp://www.openwall.com/lists/oss-security/2019/07/06/3Mailing List, Third Party Advisory
security@ubuntu.comhttp://www.openwall.com/lists/oss-security/2019/07/06/4Mailing List, Third Party Advisory
security@ubuntu.comhttp://www.openwall.com/lists/oss-security/2019/10/24/1Mailing List, Third Party Advisory
security@ubuntu.comhttp://www.openwall.com/lists/oss-security/2019/10/29/3Mailing List, Third Party Advisory
security@ubuntu.comhttp://www.vmware.com/security/advisories/VMSA-2019-0010.htmlThird Party Advisory
security@ubuntu.comhttps://access.redhat.com/errata/RHSA-2019:1594Third Party Advisory
security@ubuntu.comhttps://access.redhat.com/errata/RHSA-2019:1602Third Party Advisory
security@ubuntu.comhttps://access.redhat.com/errata/RHSA-2019:1699Third Party Advisory
security@ubuntu.comhttps://access.redhat.com/security/vulnerabilities/tcpsackThird Party Advisory
security@ubuntu.comhttps://cert-portal.siemens.com/productcert/pdf/ssa-462066.pdfThird Party Advisory
security@ubuntu.comhttps://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=3b4929f65b0d8249f19a50245cd88ed1a2f78cffMailing List, Patch, Vendor Advisory
security@ubuntu.comhttps://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.mdPatch, Third Party Advisory
security@ubuntu.comhttps://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44193Third Party Advisory
security@ubuntu.comhttps://kc.mcafee.com/corporate/index?page=content&id=SB10287Third Party Advisory
security@ubuntu.comhttps://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0006Third Party Advisory
security@ubuntu.comhttps://security.netapp.com/advisory/ntap-20190625-0001/Third Party Advisory
security@ubuntu.comhttps://support.f5.com/csp/article/K78234183Third Party Advisory
security@ubuntu.comhttps://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SACKPanicMitigation, Third Party Advisory
security@ubuntu.comhttps://www.kb.cert.org/vuls/id/905115Third Party Advisory, US Government Resource
security@ubuntu.comhttps://www.oracle.com/security-alerts/cpujan2020.htmlThird Party Advisory
security@ubuntu.comhttps://www.oracle.com/security-alerts/cpuoct2020.htmlThird Party Advisory
security@ubuntu.comhttps://www.synology.com/security/advisory/Synology_SA_19_28Third Party Advisory
security@ubuntu.comhttps://www.us-cert.gov/ics/advisories/icsa-19-253-03Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://packetstormsecurity.com/files/153346/Kernel-Live-Patch-Security-Notice-LSN-0052-1.htmlThird Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.htmlThird Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-010.txtThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191225-01-kernel-enThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2019/06/20/3Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2019/06/28/2Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2019/07/06/3Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2019/07/06/4Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2019/10/24/1Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2019/10/29/3Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vmware.com/security/advisories/VMSA-2019-0010.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2019:1594Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2019:1602Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2019:1699Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/security/vulnerabilities/tcpsackThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://cert-portal.siemens.com/productcert/pdf/ssa-462066.pdfThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=3b4929f65b0d8249f19a50245cd88ed1a2f78cffMailing List, Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.mdPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44193Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://kc.mcafee.com/corporate/index?page=content&id=SB10287Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0006Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://security.netapp.com/advisory/ntap-20190625-0001/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://support.f5.com/csp/article/K78234183Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SACKPanicMitigation, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.kb.cert.org/vuls/id/905115Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com/security-alerts/cpujan2020.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com/security-alerts/cpuoct2020.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.synology.com/security/advisory/Synology_SA_19_28Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.us-cert.gov/ics/advisories/icsa-19-253-03Third Party Advisory, US Government Resource
Impacted products
Vendor Product Version
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T22:55:40.213Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "VU#905115",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "https://www.kb.cert.org/vuls/id/905115"
          },
          {
            "name": "[oss-security] 20190620 Re: Linux and FreeBSD Kernel: Multiple TCP-based remote denial of service issues",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2019/06/20/3"
          },
          {
            "name": "RHSA-2019:1594",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:1594"
          },
          {
            "name": "RHSA-2019:1602",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:1602"
          },
          {
            "name": "[oss-security] 20190628 Re: linux-distros membership application - Microsoft",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2019/06/28/2"
          },
          {
            "name": "[oss-security] 20190706 Re: linux-distros membership application - Microsoft",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2019/07/06/3"
          },
          {
            "name": "[oss-security] 20190706 Re: linux-distros membership application - Microsoft",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2019/07/06/4"
          },
          {
            "name": "RHSA-2019:1699",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:1699"
          },
          {
            "name": "[oss-security] 20191023 Membership application for linux-distros - VMware",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2019/10/24/1"
          },
          {
            "name": "[oss-security] 20191029 Re: Membership application for linux-distros - VMware",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2019/10/29/3"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpujan2020.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=3b4929f65b0d8249f19a50245cd88ed1a2f78cff"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SACKPanic"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/vulnerabilities/tcpsack"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K78234183"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/153346/Kernel-Live-Patch-Security-Notice-LSN-0052-1.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44193"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.synology.com/security/advisory/Synology_SA_19_28"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20190625-0001/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0006"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10287"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/security/advisories/VMSA-2019-0010.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-462066.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.us-cert.gov/ics/advisories/icsa-19-253-03"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191225-01-kernel-en"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-010.txt"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Linux kernel",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "4.4.182",
              "status": "affected",
              "version": "4.4",
              "versionType": "custom"
            },
            {
              "lessThan": "4.9.182",
              "status": "affected",
              "version": "4.9",
              "versionType": "custom"
            },
            {
              "lessThan": "4.14.127",
              "status": "affected",
              "version": "4.14",
              "versionType": "custom"
            },
            {
              "lessThan": "4.19.52",
              "status": "affected",
              "version": "4.19",
              "versionType": "custom"
            },
            {
              "lessThan": "5.1.11",
              "status": "affected",
              "version": "5.1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Jonathan Looney from Netflix"
        }
      ],
      "datePublic": "2019-06-17T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Jonathan Looney discovered that the TCP_SKB_CB(skb)-\u003etcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit 3b4929f65b0d8249f19a50245cd88ed1a2f78cff."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-190",
              "description": "CWE-190 Integer Overflow or Wraparound",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-20T21:14:56",
        "orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
        "shortName": "canonical"
      },
      "references": [
        {
          "name": "VU#905115",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "https://www.kb.cert.org/vuls/id/905115"
        },
        {
          "name": "[oss-security] 20190620 Re: Linux and FreeBSD Kernel: Multiple TCP-based remote denial of service issues",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2019/06/20/3"
        },
        {
          "name": "RHSA-2019:1594",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:1594"
        },
        {
          "name": "RHSA-2019:1602",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:1602"
        },
        {
          "name": "[oss-security] 20190628 Re: linux-distros membership application - Microsoft",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2019/06/28/2"
        },
        {
          "name": "[oss-security] 20190706 Re: linux-distros membership application - Microsoft",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2019/07/06/3"
        },
        {
          "name": "[oss-security] 20190706 Re: linux-distros membership application - Microsoft",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2019/07/06/4"
        },
        {
          "name": "RHSA-2019:1699",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:1699"
        },
        {
          "name": "[oss-security] 20191023 Membership application for linux-distros - VMware",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2019/10/24/1"
        },
        {
          "name": "[oss-security] 20191029 Re: Membership application for linux-distros - VMware",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2019/10/29/3"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpujan2020.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=3b4929f65b0d8249f19a50245cd88ed1a2f78cff"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SACKPanic"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://access.redhat.com/security/vulnerabilities/tcpsack"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/csp/article/K78234183"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/153346/Kernel-Live-Patch-Security-Notice-LSN-0052-1.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44193"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.synology.com/security/advisory/Synology_SA_19_28"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.netapp.com/advisory/ntap-20190625-0001/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0006"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10287"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/security/advisories/VMSA-2019-0010.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-462066.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.us-cert.gov/ics/advisories/icsa-19-253-03"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191225-01-kernel-en"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-010.txt"
        }
      ],
      "source": {
        "advisory": "https://usn.ubuntu.com/4017-1",
        "defect": [
          "https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1831637"
        ],
        "discovery": "UNKNOWN"
      },
      "title": "Integer overflow in TCP_SKB_CB(skb)-\u003etcp_gso_segs",
      "x_generator": {
        "engine": "Vulnogram 0.0.7"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "AKA": "SACK Panic",
          "ASSIGNER": "security@ubuntu.com",
          "DATE_PUBLIC": "2019-06-17T00:00:00.000Z",
          "ID": "CVE-2019-11477",
          "STATE": "PUBLIC",
          "TITLE": "Integer overflow in TCP_SKB_CB(skb)-\u003etcp_gso_segs"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Linux kernel",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "4.4",
                            "version_value": "4.4.182"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "4.9",
                            "version_value": "4.9.182"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "4.14",
                            "version_value": "4.14.127"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "4.19",
                            "version_value": "4.19.52"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "5.1",
                            "version_value": "5.1.11"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Linux"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Jonathan Looney from Netflix"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Jonathan Looney discovered that the TCP_SKB_CB(skb)-\u003etcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit 3b4929f65b0d8249f19a50245cd88ed1a2f78cff."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.7"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-190 Integer Overflow or Wraparound"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "VU#905115",
              "refsource": "CERT-VN",
              "url": "https://www.kb.cert.org/vuls/id/905115"
            },
            {
              "name": "[oss-security] 20190620 Re: Linux and FreeBSD Kernel: Multiple TCP-based remote denial of service issues",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2019/06/20/3"
            },
            {
              "name": "RHSA-2019:1594",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:1594"
            },
            {
              "name": "RHSA-2019:1602",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:1602"
            },
            {
              "name": "[oss-security] 20190628 Re: linux-distros membership application - Microsoft",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2019/06/28/2"
            },
            {
              "name": "[oss-security] 20190706 Re: linux-distros membership application - Microsoft",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2019/07/06/3"
            },
            {
              "name": "[oss-security] 20190706 Re: linux-distros membership application - Microsoft",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2019/07/06/4"
            },
            {
              "name": "RHSA-2019:1699",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:1699"
            },
            {
              "name": "[oss-security] 20191023 Membership application for linux-distros - VMware",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2019/10/24/1"
            },
            {
              "name": "[oss-security] 20191029 Re: Membership application for linux-distros - VMware",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2019/10/29/3"
            },
            {
              "name": "https://www.oracle.com/security-alerts/cpujan2020.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com/security-alerts/cpujan2020.html"
            },
            {
              "name": "https://www.oracle.com/security-alerts/cpuoct2020.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
            },
            {
              "name": "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=3b4929f65b0d8249f19a50245cd88ed1a2f78cff",
              "refsource": "MISC",
              "url": "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=3b4929f65b0d8249f19a50245cd88ed1a2f78cff"
            },
            {
              "name": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md",
              "refsource": "MISC",
              "url": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md"
            },
            {
              "name": "https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SACKPanic",
              "refsource": "MISC",
              "url": "https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SACKPanic"
            },
            {
              "name": "https://access.redhat.com/security/vulnerabilities/tcpsack",
              "refsource": "MISC",
              "url": "https://access.redhat.com/security/vulnerabilities/tcpsack"
            },
            {
              "name": "https://support.f5.com/csp/article/K78234183",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/csp/article/K78234183"
            },
            {
              "name": "http://packetstormsecurity.com/files/153346/Kernel-Live-Patch-Security-Notice-LSN-0052-1.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/153346/Kernel-Live-Patch-Security-Notice-LSN-0052-1.html"
            },
            {
              "name": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44193",
              "refsource": "CONFIRM",
              "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44193"
            },
            {
              "name": "https://www.synology.com/security/advisory/Synology_SA_19_28",
              "refsource": "CONFIRM",
              "url": "https://www.synology.com/security/advisory/Synology_SA_19_28"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20190625-0001/",
              "refsource": "CONFIRM",
              "url": "https://security.netapp.com/advisory/ntap-20190625-0001/"
            },
            {
              "name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0006",
              "refsource": "CONFIRM",
              "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0006"
            },
            {
              "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10287",
              "refsource": "CONFIRM",
              "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10287"
            },
            {
              "name": "http://www.vmware.com/security/advisories/VMSA-2019-0010.html",
              "refsource": "CONFIRM",
              "url": "http://www.vmware.com/security/advisories/VMSA-2019-0010.html"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-462066.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-462066.pdf"
            },
            {
              "name": "https://www.us-cert.gov/ics/advisories/icsa-19-253-03",
              "refsource": "MISC",
              "url": "https://www.us-cert.gov/ics/advisories/icsa-19-253-03"
            },
            {
              "name": "http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html"
            },
            {
              "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191225-01-kernel-en",
              "refsource": "CONFIRM",
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191225-01-kernel-en"
            },
            {
              "name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-010.txt",
              "refsource": "CONFIRM",
              "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-010.txt"
            }
          ]
        },
        "source": {
          "advisory": "https://usn.ubuntu.com/4017-1",
          "defect": [
            "https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1831637"
          ],
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
    "assignerShortName": "canonical",
    "cveId": "CVE-2019-11477",
    "datePublished": "2019-06-18T23:34:51.026970Z",
    "dateReserved": "2019-04-23T00:00:00",
    "dateUpdated": "2024-09-17T02:21:15.995Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2019-11477\",\"sourceIdentifier\":\"security@ubuntu.com\",\"published\":\"2019-06-19T00:15:12.640\",\"lastModified\":\"2024-11-21T04:21:09.480\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Jonathan Looney discovered that the TCP_SKB_CB(skb)-\u003etcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit 3b4929f65b0d8249f19a50245cd88ed1a2f78cff.\"},{\"lang\":\"es\",\"value\":\"Jonathan Looney detect\u00f3 que el valor TCP_SKB_CB(skb)-mayor que tcp_gso_segs estuvo sujeto a un desbordamiento de enteros en el kernel de Linux durante el manejo del Reconocimiento Selectivo (SACK) de TCP. Un atacante remoto podr\u00eda usar esto para causar una denegaci\u00f3n de servicio. Esto se ha corregido en versiones de kernel estables 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, y se corrige en el commit 3b4929f65b0d8249f19a50245cd88ed1a2f78cff.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV30\":[{\"source\":\"security@ubuntu.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:C\",\"baseScore\":7.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"security@ubuntu.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-190\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-190\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.6.29\",\"versionEndExcluding\":\"3.16.69\",\"matchCriteriaId\":\"190D94DD-9CDB-413B-9A15-BFBDB1BB127C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.17\",\"versionEndExcluding\":\"4.4.182\",\"matchCriteriaId\":\"D641CA66-86A4-4172-9D98-206C31578C5E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.5\",\"versionEndExcluding\":\"4.9.182\",\"matchCriteriaId\":\"966342A3-015F-4BCC-A513-335362A79A26\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.10\",\"versionEndExcluding\":\"4.14.127\",\"matchCriteriaId\":\"1A632572-BC71-422E-B953-346709BA1658\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.15\",\"versionEndExcluding\":\"4.19.52\",\"matchCriteriaId\":\"C91C6131-9445-46E6-960B-76E8A34DC7E4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.20\",\"versionEndExcluding\":\"5.1.11\",\"matchCriteriaId\":\"E0E372D7-8DD5-45E7-9C26-CF389B1A09A5\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.5.2\",\"versionEndIncluding\":\"11.6.4\",\"matchCriteriaId\":\"33AF102E-2851-45B5-8C71-B393F34D4591\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"12.1.0\",\"versionEndIncluding\":\"12.1.4\",\"matchCriteriaId\":\"5E4EA2A9-C197-40D4-A6AE-A64D69536F99\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.1\",\"matchCriteriaId\":\"5A3215E6-7223-4AF1-BFD3-BD8AE9B6B572\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.0.0\",\"versionEndIncluding\":\"14.1.0\",\"matchCriteriaId\":\"720A06E3-441B-4D51-8FC0-D569DD7FEB10\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:15.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6FF1C75A-F753-40CB-9E26-DA6D31931DDC\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.5.2\",\"versionEndIncluding\":\"11.6.4\",\"matchCriteriaId\":\"A057B236-8B7C-430D-B107-8FF96D132E73\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"12.1.0\",\"versionEndIncluding\":\"12.1.4\",\"matchCriteriaId\":\"2D7877E8-E50F-4DC6-867D-C19A8DB533E3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.1\",\"matchCriteriaId\":\"899BE6FE-B23F-4236-8A5E-B41AFF28E533\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.0.0\",\"versionEndIncluding\":\"14.1.0\",\"matchCriteriaId\":\"BEBAD7C4-AC37-463F-B63C-6EAD5542F2A0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_access_policy_manager:15.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C046FBE7-DCCD-40FE-AC1F-4DAD11D2E0AC\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.5.2\",\"versionEndIncluding\":\"11.6.4\",\"matchCriteriaId\":\"66FC8C37-629D-4FBA-9C79-615BDDCF7837\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"12.1.0\",\"versionEndIncluding\":\"12.1.4\",\"matchCriteriaId\":\"66FCB095-3E70-472A-AB9D-60F001F3A539\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.1\",\"matchCriteriaId\":\"FA39C4F5-4D97-4B0B-8DA9-780F7ACF0A74\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.0.0\",\"versionEndIncluding\":\"14.1.0\",\"matchCriteriaId\":\"D2833083-97E9-4B3C-8E6B-BCAC1851D148\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_acceleration_manager:15.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8C7C45A-CC14-4092-903C-3001986D2859\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.5.2\",\"versionEndIncluding\":\"11.6.4\",\"matchCriteriaId\":\"42EBAE78-C03E-42C9-AC2D-D654A8DF8516\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"12.1.0\",\"versionEndIncluding\":\"12.1.4\",\"matchCriteriaId\":\"75D817B1-EC06-4180-B272-067299818B09\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.1\",\"matchCriteriaId\":\"0E3A4646-9AAA-445E-A08F-226D41485DC2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.0.0\",\"versionEndIncluding\":\"14.1.0\",\"matchCriteriaId\":\"09C950E6-BF12-43D4-9125-AD9D90EDD67A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_link_controller:15.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1A99DC2F-BFC7-4FEA-87DF-5E9DF428F2D3\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.5.2\",\"versionEndIncluding\":\"11.6.4\",\"matchCriteriaId\":\"255D11E3-F502-45CD-8958-5989F179574E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"12.1.0\",\"versionEndIncluding\":\"12.1.4\",\"matchCriteriaId\":\"E72B035F-97C1-41C6-B424-F3929B9D7A99\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.1\",\"matchCriteriaId\":\"E058E775-EAAA-46DF-9F3D-A8D042AAFD88\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.0.0\",\"versionEndIncluding\":\"14.1.0\",\"matchCriteriaId\":\"9AD3B4BB-7F5C-4565-9345-2D4895630AAD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:15.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B872A0D5-9B23-40F2-8AAB-253A4F406D18\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.5.2\",\"versionEndIncluding\":\"11.6.4\",\"matchCriteriaId\":\"10A57948-C53A-4CD0-801B-7E801D08E112\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"12.1.0\",\"versionEndIncluding\":\"12.1.4\",\"matchCriteriaId\":\"F367EED9-1F71-4720-BE53-3074FF6049C9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.1\",\"matchCriteriaId\":\"20BF15AA-1183-489E-A24A-FFB5BFD84664\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.0.0\",\"versionEndIncluding\":\"14.1.0\",\"matchCriteriaId\":\"83B684D2-5889-41EA-B54A-8E7AF43DA647\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_webaccelerator:15.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"45D0AF1B-9106-4C38-B1A2-87FC189ADBAB\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.5.2\",\"versionEndIncluding\":\"11.6.4\",\"matchCriteriaId\":\"8E4A258E-4F20-4C3C-8269-CD7554539EC6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"12.1.0\",\"versionEndIncluding\":\"12.1.4\",\"matchCriteriaId\":\"1A5E9908-C959-48FD-8FAC-C0FE329E6FD8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.1\",\"matchCriteriaId\":\"442A56A6-935D-427A-8562-144DD770E317\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.0.0\",\"versionEndIncluding\":\"14.1.0\",\"matchCriteriaId\":\"6434ED4F-0BA2-445A-B6E9-D3E301EE3930\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_application_security_manager:15.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C2A9F32-FF72-44AA-AA1A-5B09E8E57E24\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.5.2\",\"versionEndIncluding\":\"11.6.4\",\"matchCriteriaId\":\"1DA668DC-EFB6-44C3-8521-47BB9F474DD1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"12.1.0\",\"versionEndIncluding\":\"12.1.4\",\"matchCriteriaId\":\"C23EFF81-0FF4-4B4A-BAC3-85EC62230099\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.1\",\"matchCriteriaId\":\"24AB3C9F-77E5-4D87-A9C1-366B087E7F68\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.0.0\",\"versionEndIncluding\":\"14.1.0\",\"matchCriteriaId\":\"D17CC587-3325-4D95-BE63-B948C63B411D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_local_traffic_manager:15.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6FB6D7D8-2688-48A2-8E3E-341881EF0B4C\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.5.2\",\"versionEndIncluding\":\"11.6.4\",\"matchCriteriaId\":\"24904D5C-58FF-49B0-B598-F798BAD110E6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"12.1.0\",\"versionEndIncluding\":\"12.1.4\",\"matchCriteriaId\":\"DE11CCA1-58BF-462E-A0DE-49F3BC1C5499\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.1\",\"matchCriteriaId\":\"639FCD86-C487-40DD-9840-8931FAF5DF3A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.0.0\",\"versionEndIncluding\":\"14.1.0\",\"matchCriteriaId\":\"1117B40B-36E7-4205-82B0-52B4862A6D03\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_fraud_protection_service:15.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"12F0D363-0DE8-4E32-9187-D7ACA0868BD8\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.5.2\",\"versionEndIncluding\":\"11.6.4\",\"matchCriteriaId\":\"DB112ABE-C07E-480F-8042-6321E602183D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"12.1.0\",\"versionEndIncluding\":\"12.1.4\",\"matchCriteriaId\":\"9A751827-1169-408E-BCE6-A129BDDB489D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.1\",\"matchCriteriaId\":\"428C4BEA-AFDA-45EC-9D5F-DDF409461C33\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.0.0\",\"versionEndIncluding\":\"14.1.0\",\"matchCriteriaId\":\"717C0443-3E88-4814-8D4A-F0C067176228\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_global_traffic_manager:15.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C3879431-2E02-4B6C-BB4F-C2FF631A0974\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.5.2\",\"versionEndIncluding\":\"11.6.4\",\"matchCriteriaId\":\"7865E258-CDA0-43A5-9945-81E07BF11A82\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"12.1.0\",\"versionEndIncluding\":\"12.1.4\",\"matchCriteriaId\":\"CAECED76-81A2-4A0C-8C2E-24C235BB32DE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.1\",\"matchCriteriaId\":\"BDC38EF1-6210-40A1-88FC-964C470E41BA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.0.0\",\"versionEndIncluding\":\"14.1.0\",\"matchCriteriaId\":\"713EB3E7-A657-4F6A-901D-618AF660CBBC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_analytics:15.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EACA0835-51AD-4AC0-8C87-5564F3A821CD\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.5.2\",\"versionEndIncluding\":\"11.6.4\",\"matchCriteriaId\":\"B572C267-AF06-4270-8FDC-18EBDDED7879\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"12.1.0\",\"versionEndIncluding\":\"12.1.4\",\"matchCriteriaId\":\"88B12CA1-E853-4898-8A06-F991BE19A27A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.1\",\"matchCriteriaId\":\"4C98DCCF-2D89-4C05-A0AE-60CF8228B860\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.0.0\",\"versionEndIncluding\":\"14.1.0\",\"matchCriteriaId\":\"B439DE9D-6A09-4487-82A4-E75A57717CAB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_edge_gateway:15.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA4F1CFB-0FD9-4AEB-BF25-093115F9D891\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.5.2\",\"versionEndIncluding\":\"11.6.4\",\"matchCriteriaId\":\"19428E8B-18C2-413A-A3C0-AC6AB9F952F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"12.1.0\",\"versionEndIncluding\":\"12.1.4\",\"matchCriteriaId\":\"6166E0DB-2BA5-454D-ABBC-9E4916436A44\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.1.0\",\"versionEndIncluding\":\"13.1.1\",\"matchCriteriaId\":\"F42F4AF6-4BCC-497E-A889-0BBCA965CB32\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.0.0\",\"versionEndIncluding\":\"14.1.0\",\"matchCriteriaId\":\"AEC2164D-11D0-4DCD-B814-6AB185C3BADF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:big-ip_domain_name_system:15.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AA4AE425-1D86-4DB9-8B8F-74C6678BD528\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*\",\"matchCriteriaId\":\"8D305F7A-D159-4716-AB26-5E38BB5CD991\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*\",\"matchCriteriaId\":\"815D70A8-47D3-459C-A32C-9FEACA0659D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07C312A0-CD2C-4B9C-B064-6409B25C278F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD783B0C-9246-47D9-A937-6144FE8BFF0F\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:enterprise_linux_atomic_host:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF483911-003B-470B-A12B-85EF34A50469\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1D8B549B-E57B-4DFE-8A13-CAB06B5356B3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"142AD0DD-4CF3-4D74-9442-459CE3347E3A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4CFF558-3C47-480D-A2F0-BABF26042943\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_aus:6.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"79191794-6151-46E9-AAFD-3EC0C05B03B1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_aus:6.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"893A7EE9-495D-405A-B809-39DC80778B2A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F96E3779-F56A-45FF-BB3D-4980527D721E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0CF73560-2F5B-4723-A8A1-9AADBB3ADA00\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_mrg:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C60FA8B1-1802-4522-A088-22171DCF7A93\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ivanti:connect_secure:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"97D046F5-FF1A-41A7-8EDE-2C93E335906E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pulsesecure:pulse_policy_secure:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C1C8792C-1CF0-450B-A8BD-2B5274156053\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pulsesecure:pulse_secure_virtual_application_delivery_controller:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B3CCBFDE-C2FA-40E3-AA44-0EB0A6861BD4\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f5:traffix_signaling_delivery_controller:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.0.0\",\"versionEndIncluding\":\"5.1.0\",\"matchCriteriaId\":\"4E52F91D-3F39-4D89-8069-EC422FB1F700\"}]}]}],\"references\":[{\"url\":\"http://packetstormsecurity.com/files/153346/Kernel-Live-Patch-Security-Notice-LSN-0052-1.html\",\"source\":\"security@ubuntu.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html\",\"source\":\"security@ubuntu.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-010.txt\",\"source\":\"security@ubuntu.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191225-01-kernel-en\",\"source\":\"security@ubuntu.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2019/06/20/3\",\"source\":\"security@ubuntu.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2019/06/28/2\",\"source\":\"security@ubuntu.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2019/07/06/3\",\"source\":\"security@ubuntu.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2019/07/06/4\",\"source\":\"security@ubuntu.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2019/10/24/1\",\"source\":\"security@ubuntu.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2019/10/29/3\",\"source\":\"security@ubuntu.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.vmware.com/security/advisories/VMSA-2019-0010.html\",\"source\":\"security@ubuntu.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:1594\",\"source\":\"security@ubuntu.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:1602\",\"source\":\"security@ubuntu.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:1699\",\"source\":\"security@ubuntu.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/security/vulnerabilities/tcpsack\",\"source\":\"security@ubuntu.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-462066.pdf\",\"source\":\"security@ubuntu.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=3b4929f65b0d8249f19a50245cd88ed1a2f78cff\",\"source\":\"security@ubuntu.com\",\"tags\":[\"Mailing List\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md\",\"source\":\"security@ubuntu.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44193\",\"source\":\"security@ubuntu.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10287\",\"source\":\"security@ubuntu.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0006\",\"source\":\"security@ubuntu.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20190625-0001/\",\"source\":\"security@ubuntu.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.f5.com/csp/article/K78234183\",\"source\":\"security@ubuntu.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SACKPanic\",\"source\":\"security@ubuntu.com\",\"tags\":[\"Mitigation\",\"Third Party Advisory\"]},{\"url\":\"https://www.kb.cert.org/vuls/id/905115\",\"source\":\"security@ubuntu.com\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2020.html\",\"source\":\"security@ubuntu.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuoct2020.html\",\"source\":\"security@ubuntu.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.synology.com/security/advisory/Synology_SA_19_28\",\"source\":\"security@ubuntu.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.us-cert.gov/ics/advisories/icsa-19-253-03\",\"source\":\"security@ubuntu.com\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://packetstormsecurity.com/files/153346/Kernel-Live-Patch-Security-Notice-LSN-0052-1.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-010.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191225-01-kernel-en\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2019/06/20/3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2019/06/28/2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2019/07/06/3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2019/07/06/4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2019/10/24/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2019/10/29/3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.vmware.com/security/advisories/VMSA-2019-0010.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:1594\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:1602\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:1699\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/security/vulnerabilities/tcpsack\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-462066.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=3b4929f65b0d8249f19a50245cd88ed1a2f78cff\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44193\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10287\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0006\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20190625-0001/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.f5.com/csp/article/K78234183\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SACKPanic\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mitigation\",\"Third Party Advisory\"]},{\"url\":\"https://www.kb.cert.org/vuls/id/905115\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2020.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuoct2020.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.synology.com/security/advisory/Synology_SA_19_28\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.us-cert.gov/ics/advisories/icsa-19-253-03\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.