CVE-2019-11683

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.0.13

Description The issue allows remote attackers to cause a denial of service or possibly have other impacts via UDP packets with a 0 payload, due to mishandling of padded packets. This is related to the udp gro receive segment function in net/ipv4/udp offload.c, which is part of the Linux kernel's Generic Receive Offload (GRO) technology. The problem can lead to slab-out-of-bounds memory corruption when handling UDP packets with zero padding.

Recommendations For Linux kernel versions prior to 5.0.13, update to version 5.0.13 or later to resolve the issue. As a temporary workaround, consider disabling the GRO feature until a patch is available. Restrict access to UDP packets to minimize the risk of exploitation. Avoid using UDP packets with zero payload in the affected API endpoints until the issue is resolved.