Bug 1719129 (CVE-2019-11479)
| Summary: | CVE-2019-11479 kernel: tcp: excessive resource consumption for TCP connections with low MSS allows remote denial of service | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Sam Fowler <sfowler> |
| Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
| Status: | CLOSED ERRATA | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | unspecified | CC: | acaringi, ahardin, airlied, bhu, blc, bleanhar, brdeoliv, bskeggs, ccoleman, dblechte, dedgar, dfediuck, dhoward, dvlasenk, eedri, esammons, fhrbata, fwestpha, hannsj_uhl, hdegoede, hkrzesin, iboverma, ichavero, igkioka, itamar, jarodwilson, jbenc, jeremy, jforbes, jglisse, jgoulding, jkacur, john.j5live, jonathan, josef, jross, jstancek, jwboyer, kernel-maint, kernel-mgr, labbott, lgoncalv, linville, matt, mchappel, mchehab, mcressma, mgoldboi, michal.skrivanek, mjg59, mlangsdo, mleitner, nhorman, nmurray, plougher, pmatouse, pmyers, ppandit, rkhan, rt-maint, rvrbovsk, sbonazzo, security-response-team, sherold, steved, williams, yturgema |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: |
An excessive resource consumption flaw was found in the way the Linux kernel's networking subsystem processed TCP segments. If the Maximum Segment Size (MSS) of a TCP connection was set to low values, such as 48 bytes, it can leave as little as 8 bytes for the user data, which significantly increases the Linux kernel's resource (CPU, Memory, and Bandwidth) utilization. A remote attacker could use this flaw to cause a denial of service (DoS) by repeatedly sending network traffic on a TCP connection with low TCP MSS.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | 2019-07-12 13:07:29 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 1719904, 1719613, 1719614, 1719615, 1719616, 1719617, 1719618, 1719620, 1719906, 1719907, 1719908, 1719909, 1719910, 1719911, 1719912, 1719913, 1719914, 1719915, 1719916, 1719917, 1719918, 1719920, 1719921, 1719922, 1719923, 1719924, 1719925, 1719928, 1721064, 1721065, 1721066, 1721120, 1721255 | ||
| Bug Blocks: | 1719124 | ||
|
Description
Sam Fowler
2019-06-11 06:45:29 UTC
Acknowledgments: Name: Jonathan Looney (Netflix Information Security) Mitigation: For mitigation, please refer to the Red Hat Knowledgebase article: https://access.redhat.com/security/vulnerabilities/tcpsack Note: This issue has been rated as having Moderate impact because the denial of service effect is caused by excessive resource(CPU/Memory/Bandwidth etc.) consumption by the offending TCP connections and thus temporary. It leaves lesser resources for the other processes and connections on the system. This resource crunch lasts as long as the offending TCP connections are alive with incoming network traffic. It does not completely halt the system. Network monitoring system(s) would likely raise alerts/alarms for such incoming network traffic. So an administrator should be able to take due measures to thwart offending TCP connections and pertaining network traffic to control the impact of the DoS on affected systems. Created kernel tracking bugs for this issue: Affects: fedora-all [bug 1721255] External References: https://www.openwall.com/lists/oss-security/2019/06/17/5 https://patchwork.ozlabs.org/project/netdev/list/?series=114310 This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2019:1479 https://access.redhat.com/errata/RHSA-2019:1479 This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Via RHSA-2019:1488 https://access.redhat.com/errata/RHSA-2019:1488 This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2019:1481 https://access.redhat.com/errata/RHSA-2019:1481 This issue has been addressed in the following products: Red Hat Enterprise Linux 7.5 Extended Update Support Via RHSA-2019:1482 https://access.redhat.com/errata/RHSA-2019:1482 This issue has been addressed in the following products: Red Hat Enterprise Linux 7.4 Extended Update Support Via RHSA-2019:1483 https://access.redhat.com/errata/RHSA-2019:1483 This issue has been addressed in the following products: Red Hat Enterprise Linux 6.6 Advanced Update Support Via RHSA-2019:1489 https://access.redhat.com/errata/RHSA-2019:1489 This issue has been addressed in the following products: Red Hat Enterprise Linux 6.5 Advanced Update Support Via RHSA-2019:1490 https://access.redhat.com/errata/RHSA-2019:1490 This issue has been addressed in the following products: Red Hat Enterprise Linux 7.2 Advanced Update Support Red Hat Enterprise Linux 7.2 Update Services for SAP Solutions Red Hat Enterprise Linux 7.2 Telco Extended Update Support Via RHSA-2019:1485 https://access.redhat.com/errata/RHSA-2019:1485 This issue has been addressed in the following products: Red Hat Enterprise Linux 7.3 Advanced Update Support Red Hat Enterprise Linux 7.3 Update Services for SAP Solutions Red Hat Enterprise Linux 7.3 Telco Extended Update Support Via RHSA-2019:1484 https://access.redhat.com/errata/RHSA-2019:1484 This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2019:1480 https://access.redhat.com/errata/RHSA-2019:1480 This issue has been addressed in the following products: Red Hat Enterprise MRG 2 Via RHSA-2019:1487 https://access.redhat.com/errata/RHSA-2019:1487 This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2019:1486 https://access.redhat.com/errata/RHSA-2019:1486 This issue has been addressed in the following products: Red Hat Virtualization 4.2 for Red Hat Enterprise Linux 7.6 EUS Via RHSA-2019:1594 https://access.redhat.com/errata/RHSA-2019:1594 This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2019:1602 https://access.redhat.com/errata/RHSA-2019:1602 This issue has been addressed in the following products: Red Hat OpenShift Container Platform 4 (RH CoreOS) Via RHBA-2019:1589 https://access.redhat.com/errata/RHBA-2019:1589 This issue has been addressed in the following products: Red Hat Virtualization 4 for Red Hat Enterprise Linux 7 Via RHSA-2019:1699 https://access.redhat.com/errata/RHSA-2019:1699 This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2019-11479 Statement: Red Hat Product Security is aware of this issue. Updates will be released as they become available. For additional information, please refer to the Red Hat Knowledgebase article: https://access.redhat.com/security/vulnerabilities/tcpsack Red Hat Enterprise Linux 5 is now in the Extended Life Phase of maintenance life cycle. This has been rated as having Moderate security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/. OpenShift Container Platform 4 does not ship its own kernel package, instead using versions shipped in RHEL. Removing from flaw bug affects. |