CVE-2019-18805 vulnerability in Linux and Other Products
Published on November 7, 2019

An issue was discovered in net/ipv4/sysctl_net_ipv4.c in the Linux kernel before 5.0.11. There is a net/ipv4/tcp_input.c signed integer overflow in tcp_ack_update_rtt() when userspace writes a very large integer to /proc/sys/net/ipv4/tcp_min_rtt_wlen, leading to a denial of service or possibly unspecified other impact, aka CID-19fad20d15a6.

Vendor Advisory Vendor Advisory Vendor Advisory NVD

Products Associated with CVE-2019-18805

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2019-18805 are published in these products:

Linux Kernel

OpenSuse Leap

Red Hat Enterprise Linux (RHEL)

NetApp Active Iq Unified Manager

NetApp Data Availability Services

NetApp E Series Santricity Os Controller

NetApp Hci Management Node

NetApp Solidfire

NetApp Steelstore Cloud Integrated Storage

NetApp Hci Compute Node

NetApp Hci Storage Node

NetApp Brocade Fabric Os

Broadcom Fabric Operating System

Exploit Probability

EPSS

0.57%

Percentile

68.17%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2019-18805 vulnerability in Linux and Other ProductsPublished on November 7, 2019

Products Associated with CVE-2019-18805

Exploit Probability

CVE-2019-18805 vulnerability in Linux and Other Products
Published on November 7, 2019