Ubuntu
linux package

Remote denial of service (resource exhaustion) caused by low Maximum Segment Size values

Cosmic (18.10)
Bug #1832286

Bug #1832286 reported by Seth Arnold on 2019-06-11

260

This bug affects 1 person

Affects

Status

Importance

Assigned to

Milestone

linux (Ubuntu)

Fix Committed

Medium

Tyler Hicks

You need to log in to change this bug's status.

Affecting:	linux (Ubuntu)
Filed here by:	Seth Arnold
When:	2019-06-11
Confirmed:	2019-06-17
Assigned:	2019-06-17
Started work:	2019-06-17

Target

Distribution
Package	(Find…)
Project	(Find…)

Status	Importance
	Medium

Assigned to

	Me
	Tyler Hicks (tyhicks)

Comment on this change (optional)

Email me about changes to this bug report

Xenial

New

Undecided

Unassigned

You need to log in to change this bug's status.

Affecting:	linux (Ubuntu Xenial)
Filed here by:	Tyler Hicks
When:	2019-06-18

Package

Status	Importance
	Undecided

Assigned to

	Nobody
	Me

Comment on this change (optional)

Email me about changes to this bug report

Bionic

New

Undecided

Unassigned

You need to log in to change this bug's status.

Affecting:	linux (Ubuntu Bionic)
Filed here by:	Tyler Hicks
When:	2019-06-18

Package

Status	Importance
	Undecided

Assigned to

	Nobody
	Me

Comment on this change (optional)

Email me about changes to this bug report

Cosmic

New

Undecided

Unassigned

You need to log in to change this bug's status.

Affecting:	linux (Ubuntu Cosmic)
Filed here by:	Tyler Hicks
When:	2019-06-18

Package

Status	Importance
	Undecided

Assigned to

	Nobody
	Me

Comment on this change (optional)

Email me about changes to this bug report

Disco

Won't Fix

Undecided

Unassigned

You need to log in to change this bug's status.

Affecting:	linux (Ubuntu Disco)
Filed here by:	Tyler Hicks
When:	2019-06-18
Completed:	2020-07-02

Package

Status	Importance
	Undecided

Assigned to

	Nobody
	Me

Comment on this change (optional)

Email me about changes to this bug report

(?)

Bug Description

Jonathan Looney discovered that a remote attacker could cause a denial of service (resource exhaustion) via a maliciously crafted TCP session that utilizes a low MSS value.

See original description

Tags: Edit Tag help

CVE References

2019-11479

Tyler Hicks (tyhicks) wrote on 2019-06-17:

This bug report represents CVE-2019-11479

summary:	- placeholder bug + Remote denial of service (resource exhaustion) caused by low Maximum + Segment Size values
description:	updated
Changed in linux (Ubuntu):
status:	New → Fix Committed
importance:	Undecided → Medium
assignee:	nobody → Tyler Hicks (tyhicks)
information type:	Private Security → Public Security
description:	updated

Brad Figg (brad-figg) on 2019-07-24

tags:

added: cscc

Steve Langasek (vorlon) on 2020-07-02

Changed in linux (Ubuntu Disco):
status:	New → Won't Fix

Report a bug

This report contains Public Security information Edit

Everyone can see this security related information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Ubuntulinux package

Remote denial of service (resource exhaustion) caused by low Maximum Segment Size values

Bug Description

CVE References

Other bug subscribers

Ubuntu
linux package