PT-2019-3984 · Linux · Linux Kernel

Published

2016-03-17

·

Updated

2021-06-22

·

CVE-2019-18805

CVSS v2.0

10

Critical

Vector AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.0.11

Description: An issue in the Linux kernel allows a denial of service, or possibly other impacts, due to a signed integer overflow in tcp_ack_update_rtt() when a very large integer is written to /proc/sys/net/ipv4/tcp_min_rtt_wlen. This can be triggered by a remote attacker. Additionally, an integer overflow in the dwc3_pci_probe() function can also lead to a denial of service.

Recommendations: For Linux kernel versions prior to 5.0.11, update to version 5.0.11 or later to resolve the issue. As a temporary workaround, consider restricting write access to /proc/sys/net/ipv4/tcp_min_rtt_wlen to prevent exploitation. Additionally, restrict access to the dwc3_pci_probe() function in drivers/usb/dwc3/dwc3-pci.c to minimize the risk of exploitation.

Fix

DoS

Integer Overflow


Weakness Enumeration

Related Identifiers

ALT-PU-2016-1262
ALT-PU-2017-1299
ALT-PU-2018-1557
ALT-PU-2019-1139
ALT-PU-2019-1363
ALT-PU-2019-1762
ALT-PU-2019-1765
ALT-PU-2019-1767
BDU:2019-04515
CESA-2020_1567
CESA-2020_1769
CVE-2019-18805
OPENSUSE-SU-2019:2503-1
OPENSUSE-SU-2019:2507-1
OPENSUSE-SU-2019_2503-1
OPENSUSE-SU-2019_2507-1
RHSA-2020:0740
RHSA-2020:1567
RHSA-2020:1769
RHSA-2020_1567
RHSA-2020_1769
SUSE-SU-2019:2951-1
SUSE-SU-2019:2953-1
SUSE-SU-2019:2984-1
SUSE-SU-2019:3200-1
SUSE-SU-2019:3294-1
SUSE-SU-2019:3295-1
SUSE-SU-2019:3317-1
SUSE-SU-2019:3371-1
SUSE-SU-2019:3372-1
SUSE-SU-2019:3379-1
SUSE-SU-2019:3381-1
SUSE-SU-2020:0093-1

Affected Products

Alt Linux
Centos
Linux Kernel
Red Hat
Suse