2019-06-19 02:15:12 2020-06-19 21:15:00

Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. This allows a remote peer to fragment TCP resend queues significantly more than if a larger MSS were enforced. A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commits 967c05aee439e6e5d7d805e195b3a20ef5c433d6 and 5f3e2bf008c2221478101ee72f5cb4654b9fc363.

Vector

NETWORK

Complexity

LOW

Authentication

NONE

Confidentiality

NONE

Integrity

NONE

Availability

PARTIAL
Pulsesecure Pulse secure virtual application delivery controller - * * * (not an official CPE) Pulsesecure Pulse policy secure - * * * (not an official CPE) Pulsesecure Pulse connect secure - * * * (not an official CPE) Redhat Enterprise mrg 2.0 * * * (not an official CPE) Redhat Enterprise linux atomic host - * * * (not an official CPE) F5 Big-ip domain name system 15.0.0 * * * (not an official CPE) F5 Big-ip domain name system * * * * (not an official CPE) F5 Big-ip domain name system * * * * (not an official CPE) F5 Big-ip domain name system * * * * (not an official CPE) F5 Big-ip domain name system * * * * (not an official CPE) F5 Big-ip edge gateway 15.0.0 * * * (not an official CPE) F5 Big-ip edge gateway * * * * (not an official CPE) F5 Big-ip edge gateway * * * * (not an official CPE) F5 Big-ip edge gateway * * * * (not an official CPE) F5 Big-ip edge gateway * * * * (not an official CPE) F5 Big-ip analytics 15.0.0 * * * (not an official CPE) F5 Big-ip analytics * * * * (not an official CPE) F5 Big-ip analytics * * * * (not an official CPE) F5 Big-ip analytics * * * * (not an official CPE) F5 Big-ip analytics * * * * (not an official CPE) F5 Big-ip global traffic manager 15.0.0 * * * (not an official CPE) F5 Big-ip global traffic manager * * * * (not an official CPE) F5 Big-ip global traffic manager * * * * (not an official CPE) F5 Big-ip global traffic manager * * * * (not an official CPE) F5 Big-ip global traffic manager * * * * (not an official CPE) F5 Big-ip fraud protection service 15.0.0 * * * (not an official CPE) F5 Big-ip fraud protection service * * * * (not an official CPE) F5 Big-ip fraud protection service * * * * (not an official CPE) F5 Big-ip fraud protection service * * * * (not an official CPE) F5 Big-ip fraud protection service * * * * (not an official CPE) F5 Big-ip local traffic manager 15.0.0 * * * (not an official CPE) F5 Big-ip local traffic manager * * * * (not an official CPE) F5 Big-ip local traffic manager * * * * (not an official CPE) F5 Big-ip local traffic manager * * * * (not an official CPE) F5 Big-ip local traffic manager * * * * (not an official CPE) F5 Big-ip application security manager 15.0.0 * * * (not an official CPE) F5 Big-ip application security manager * * * * (not an official CPE) F5 Big-ip application security manager * * * * (not an official CPE) F5 Big-ip application security manager * * * * (not an official CPE) F5 Big-ip application security manager * * * * (not an official CPE) F5 Big-ip webaccelerator 15.0.0 * * * (not an official CPE) F5 Big-ip webaccelerator * * * * (not an official CPE) F5 Big-ip webaccelerator * * * * (not an official CPE) F5 Big-ip webaccelerator * * * * (not an official CPE) F5 Big-ip webaccelerator * * * * (not an official CPE) F5 Big-ip policy enforcement manager 15.0.0 * * * (not an official CPE) F5 Big-ip policy enforcement manager * * * * (not an official CPE) F5 Big-ip policy enforcement manager * * * * (not an official CPE) F5 Big-ip policy enforcement manager * * * * (not an official CPE) F5 Big-ip policy enforcement manager * * * * (not an official CPE) F5 Big-ip link controller 15.0.0 * * * (not an official CPE) F5 Big-ip link controller * * * * (not an official CPE) F5 Big-ip link controller * * * * (not an official CPE) F5 Big-ip link controller * * * * (not an official CPE) F5 Big-ip link controller * * * * (not an official CPE) F5 Big-ip application acceleration manager 15.0.0 * * * (not an official CPE) F5 Big-ip application acceleration manager * * * * (not an official CPE) F5 Big-ip application acceleration manager * * * * (not an official CPE) F5 Big-ip application acceleration manager * * * * (not an official CPE) F5 Big-ip application acceleration manager * * * * (not an official CPE) F5 Big-ip access policy manager 15.0.0 * * * (not an official CPE) F5 Big-ip access policy manager * * * * (not an official CPE) F5 Big-ip access policy manager * * * * (not an official CPE) F5 Big-ip access policy manager * * * * (not an official CPE) F5 Big-ip access policy manager * * * * (not an official CPE) F5 Big-ip advanced firewall manager 15.0.0 * * * (not an official CPE) F5 Big-ip advanced firewall manager * * * * (not an official CPE) F5 Big-ip advanced firewall manager * * * * (not an official CPE) F5 Big-ip advanced firewall manager * * * * (not an official CPE) F5 Big-ip advanced firewall manager * * * * (not an official CPE)