OVAL Reference oval:com.ubuntu.bionic:def:2019114770000000

Oval Definition:

oval:com.ubuntu.bionic:def:2019114770000000

Revision Date:	2019-06-19	Version:	1
Title:	CVE-2019-11477 on Ubuntu 18.04 LTS (bionic) - high.
Description:	Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit 3b4929f65b0d8249f19a50245cd88ed1a2f78cff. Jonathan Looney discovered that an integer overflow existed in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service (system crash).
Family:	unix	Class:	vulnerability
Status:		Reference(s):	CVE-2019-11477
Platform(s):	Ubuntu 18.04 LTS	Product(s):
Definition Synopsis
Ubuntu 18.04 LTS (bionic) is installed. AND Package Information linux package in bionic was vulnerable but has been fixed (note: '4.15.0-52.56'). OR linux-aws package in bionic was vulnerable but has been fixed (note: '4.15.0-1041.43'). OR linux-azure package in bionic was vulnerable but has been fixed (note: '4.18.0-1020.20~18.04.1'). OR linux-gcp package in bionic was vulnerable but has been fixed (note: '4.15.0-1034.36'). OR linux-gke-4.15 package in bionic was vulnerable but has been fixed (note: '4.15.0-1034.36'). OR linux-gke-5.0 package in bionic, is related to the CVE in some way and has been fixed (note: '5.0.0-1011.11~18.04.1'). OR linux-hwe package in bionic was vulnerable but has been fixed (note: '4.18.0-22.23~18.04.1'). OR linux-kvm package in bionic was vulnerable but has been fixed (note: '4.15.0-1036.36'). OR linux-meta package in bionic was vulnerable but has been fixed (note: '4.15.0-52.56'). OR linux-meta-aws package in bionic was vulnerable but has been fixed (note: '4.15.0-1041.43'). OR linux-meta-azure package in bionic was vulnerable but has been fixed (note: '4.18.0-1020.20~18.04.1'). OR linux-meta-gcp package in bionic was vulnerable but has been fixed (note: '4.15.0-1034.36'). OR linux-meta-gke-4.15 package in bionic was vulnerable but has been fixed (note: '4.15.0-1034.36'). OR linux-meta-gke-5.0 package in bionic, is related to the CVE in some way and has been fixed (note: '5.0.0-1011.11~18.04.1'). OR linux-meta-hwe package in bionic was vulnerable but has been fixed (note: '4.18.0-22.23~18.04.1'). OR linux-meta-kvm package in bionic was vulnerable but has been fixed (note: '4.15.0-1036.36'). OR linux-meta-oem package in bionic was vulnerable but has been fixed (note: '4.15.0-1043.48'). OR linux-meta-oracle package in bionic was vulnerable but has been fixed (note: '4.15.0-1015.17'). OR linux-meta-raspi2 package in bionic was vulnerable but has been fixed (note: '4.15.0-1038.40'). OR linux-meta-snapdragon package in bionic was vulnerable but has been fixed (note: '4.15.0-1055.59'). OR linux-oem package in bionic was vulnerable but has been fixed (note: '4.15.0-1043.48'). OR linux-oracle package in bionic was vulnerable but has been fixed (note: '4.15.0-1015.17'). OR linux-raspi2 package in bionic was vulnerable but has been fixed (note: '4.15.0-1038.40'). OR linux-signed package in bionic was vulnerable but has been fixed (note: '4.15.0-52.56'). OR linux-signed-azure package in bionic was vulnerable but has been fixed (note: '4.18.0-1020.20~18.04.1'). OR linux-signed-gcp package in bionic was vulnerable but has been fixed (note: '4.15.0-1034.36'). OR linux-signed-gke-4.15 package in bionic was vulnerable but has been fixed (note: '4.15.0-1034.36'). OR linux-signed-gke-5.0 package in bionic, is related to the CVE in some way and has been fixed (note: '5.0.0-1011.11~18.04.1'). OR linux-signed-hwe package in bionic was vulnerable but has been fixed (note: '4.18.0-22.23~18.04.1'). OR linux-signed-oem package in bionic was vulnerable but has been fixed (note: '4.15.0-1043.48'). OR linux-signed-oracle package in bionic was vulnerable but has been fixed (note: '4.15.0-1015.17'). OR linux-snapdragon package in bionic was vulnerable but has been fixed (note: '4.15.0-1055.59').

BACK