Alpaquita LinuxStreamSecurity Advisory
Search Cve

CVE-2019-11683

Published: May 2, 2019Last modified: May 14, 2024

Description

udp_gro_receive_segment in net/ipv4/udp_offload.c in the Linux kernel 5.x before 5.0.13 allows remote attackers to cause a denial of service (slab-out-of-bounds memory corruption) or possibly have unspecified other impact via UDP packets with a 0 payload, because of mishandling of padded packets, aka the "GRO packet of death" issue.

Severity score breakdown

ParameterValue
Base score9.8
Attack VectorNETWORK
Attack complexityLOW
Privileges requiredNONE
User interactionNONE
ScopeUNCHANGED
ConfidentialityHIGH
Integrity impactHIGH
Availability impactHIGH
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Status

ProductReleasePackageStatus
Alpaquita LinuxStreamlinux-ltsNot affected (6.1.33-r0)

References

ON THIS PAGE