PT-2019-3099 · Openbsd · Openbsd Kernel

Published: 2019-08-26 · Updated: 2021-08-02 · CVE-2019-8460

CVSS v2.0: 7.8 (High)

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions: OpenBSD kernel versions prior to 6.5
Description: The issue exists due to insufficient input validation in the tcp_sack_option() function of the OpenBSD kernel. A remote attacker can exploit it to cause a denial of service: by forcing the kernel to create long chains of TCP SACK holes, the attacker makes every incoming SACK packet trigger an expensive call to tcp_sack_option().
Recommendations: For OpenBSD kernel versions prior to 6.5, update to a version that includes a fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

RCE

Weakness Enumeration

Related Identifiers

BDU:2019-03082
CVE-2019-8460

Affected Products

Openbsd Kernel