CVE-2019-11683

Опубликовано: 01 мая 2019

Источник: redhat

CVSS3: 7.5

EPSS Средний

Описание

udp_gro_receive_segment in net/ipv4/udp_offload.c in the Linux kernel 5.x before 5.0.13 allows remote attackers to cause a denial of service (slab-out-of-bounds memory corruption) or possibly have unspecified other impact via UDP packets with a 0 payload, because of mishandling of padded packets, aka the "GRO packet of death" issue.

Отчет

This flaw did not affect the versions of kernel as shipped with Red Hat Enterprise Linux 5, 6, 7 and 8.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 5	kernel	Not affected
Red Hat Enterprise Linux 6	kernel	Not affected
Red Hat Enterprise Linux 7	kernel	Not affected
Red Hat Enterprise Linux 7	kernel-alt	Not affected
Red Hat Enterprise Linux 7	kernel-rt	Not affected
Red Hat Enterprise Linux 8	kernel	Not affected
Red Hat Enterprise Linux 8	kernel-rt	Not affected
Red Hat Enterprise MRG 2	kernel-rt	Not affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-119->CWE-125

https://bugzilla.redhat.com/show_bug.cgi?id=1707358kernel: udp_gro_receive_segment in net/ipv4/udp_offload.c allows denial of service or other unspecified impact via UDP packets with 0 payload

EPSS

Процентиль: 93%

0.10551

Средний

7.5 High

CVSS3

Связанные уязвимости

CVE-2019-11683

CVSS3: 9.8

ubuntu

почти 7 лет назад

CVE-2019-11683

CVSS3: 9.8

nvd

почти 7 лет назад

CVE-2019-11683

CVSS3: 9.8

debian

почти 7 лет назад

udp_gro_receive_segment in net/ipv4/udp_offload.c in the Linux kernel ...

GHSA-v8g2-q4cj-f9mh

CVSS3: 9.8

github

больше 3 лет назад

udp_gro_receive_segment in net/ipv4/udp_offload.c in the Linux kernel 5.x through 5.0.11 allows remote attackers to cause a denial of service (slab-out-of-bounds memory corruption) or possibly have unspecified other impact via UDP packets with a 0 payload, because of mishandling of padded packets, aka the "GRO packet of death" issue.

EPSS

Процентиль: 93%

0.10551

Средний

7.5 High

CVSS3