Remote denial of service (resource exhaustion) caused by low Maximum Segment Size values

Bug #1832286 reported by Seth Arnold on 2019-06-11
260
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Medium
Tyler Hicks
Xenial
Undecided
Unassigned
Bionic
Undecided
Unassigned
Cosmic
Undecided
Unassigned
Disco
Undecided
Unassigned

Bug Description

Jonathan Looney discovered that a remote attacker could cause a denial of service (resource exhaustion) via a maliciously crafted TCP session that utilizes a low MSS value.

CVE References

Tyler Hicks (tyhicks) wrote :

This bug report represents CVE-2019-11479

summary: - placeholder bug
+ Remote denial of service (resource exhaustion) caused by low Maximum
+ Segment Size values
description: updated
Changed in linux (Ubuntu):
status: New → Fix Committed
importance: Undecided → Medium
assignee: nobody → Tyler Hicks (tyhicks)
information type: Private Security → Public Security
description: updated
Brad Figg (brad-figg) on 2019-07-24
tags: added: cscc
Steve Langasek (vorlon) on 2020-07-02
Changed in linux (Ubuntu Disco):
status: New → Won't Fix
To post a comment you must log in.
This report contains Public Security information  Edit
Everyone can see this security related information.

Other bug subscribers