PT-2019-4437 · Linux+1 · Linux Kernel+1

Mao Wenan

Publicado

2019-09-18

Atualizado

2023-01-17

CVE-2019-18680

CVSS v2.0

7.8

Alta

Vetor

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 4.4.195

Description The issue is related to a NULL pointer dereference in the rds tcp kill sock() function, which can cause denial of service. This can be exploited by a remote attacker to disrupt service.

Recommendations For Linux kernel versions prior to 4.4.195, update to version 4.4.195 or later to resolve the issue. As a temporary workaround, consider restricting access to the rds tcp kill sock() function until a patch is available.

Exploit

Correção

DoS

NULL Pointer Dereference

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-476

Identificadores relacionados

BDU:2020-00194

CVE-2019-18680

SUSE-SU-2019:2984-1

SUSE-SU-2019:3379-1

SUSE-SU-2020:2491-1

SUSE-SU-2020:2497-1

Produtos afetados

Linux Kernel

Suse

PT-2019-4437 · Linux+1 · Linux Kernel+1

CVE-2019-18680

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 201