CVE-2019-18805

Priority
Description
An issue was discovered in net/ipv4/sysctl_net_ipv4.c in the Linux kernel
before 5.0.11. There is a net/ipv4/tcp_input.c signed integer overflow in
tcp_ack_update_rtt() when userspace writes a very large integer to
/proc/sys/net/ipv4/tcp_min_rtt_wlen, leading to a denial of service or
possibly unspecified other impact, aka CID-19fad20d15a6.
Notes
sbeattie> requires write access to /proc/sys/net/ipv4/tcp_min_rtt_wlen
... which is probably possible with unprivileged user namespaces;
Marking when this sysctl was added as the break line
Package
Source: linux (LP Ubuntu Debian)
Upstream:released (5.1~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):not-affected (3.0.0-12.20)
Ubuntu 14.04 ESM (Trusty Tahr):not-affected (3.11.0-12.19)
Ubuntu 16.04 LTS (Xenial Xerus):pending (4.4.0-157.185)
Ubuntu 18.04 LTS (Bionic Beaver):pending (4.15.0-60.67)
Ubuntu 19.04 (Disco Dingo):pending (5.0.0-21.22)
Ubuntu 19.10 (Eoan Ermine):not-affected (5.2.0-8.9)
Ubuntu 20.04 (Focal Fossa):not-affected
Patches:
Introduced by
bd239704295c66196e6b77c5717ec4aec076ddd5
Fixed by
19fad20d15a6494f47f85d869f00b11343ee5c78
Introduced by
f672258391b42a5c7cc2732c9c063e56a85c8dbe
Fixed by
19fad20d15a6494f47f85d869f00b11343ee5c78
Package
Upstream:released (5.1~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):pending (4.4.0-1054.58)
Ubuntu 16.04 LTS (Xenial Xerus):pending (4.4.0-1090.101)
Ubuntu 18.04 LTS (Bionic Beaver):pending (4.15.0-1047.49)
Ubuntu 19.04 (Disco Dingo):pending (5.0.0-1011.12)
Ubuntu 19.10 (Eoan Ermine):not-affected (5.0.0-1011.12)
Ubuntu 20.04 (Focal Fossa):not-affected
Package
Upstream:released (5.1~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (5.0.0-1021.24~18.04.1)
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan Ermine):DNE
Ubuntu 20.04 (Focal Fossa):DNE
Package
Upstream:released (5.1~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):pending (4.15.0-1047.49~16.04.1)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan Ermine):DNE
Ubuntu 20.04 (Focal Fossa):DNE
Package
Upstream:released (5.1~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):pending (4.15.0-1059.64~14.04.1)
Ubuntu 16.04 LTS (Xenial Xerus):pending (4.15.0-1056.61)
Ubuntu 18.04 LTS (Bionic Beaver):pending (5.0.0-1014.14~18.04.1)
Ubuntu 19.04 (Disco Dingo):pending (5.0.0-1012.12)
Ubuntu 19.10 (Eoan Ermine):not-affected (5.0.0-1012.12)
Ubuntu 20.04 (Focal Fossa):not-affected
Package
Upstream:released (5.1~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (5.3.0-1007.8~18.04.1)
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan Ermine):DNE
Ubuntu 20.04 (Focal Fossa):DNE
Package
Upstream:released (5.1~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):ignored (was pending [4.15.0-1056.61] now end-of-life)
Ubuntu 18.04 LTS (Bionic Beaver):needs-triage
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan Ermine):DNE
Ubuntu 20.04 (Focal Fossa):DNE
Package
Upstream:released (5.1~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):pending (4.15.0-1041.43)
Ubuntu 18.04 LTS (Bionic Beaver):pending (4.15.0-1042.45)
Ubuntu 19.04 (Disco Dingo):pending (5.0.0-1011.11)
Ubuntu 19.10 (Eoan Ermine):not-affected (5.0.0-1011.11)
Ubuntu 20.04 (Focal Fossa):not-affected
Package
Upstream:released (5.1~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (5.3.0-1008.9~18.04.1)
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan Ermine):DNE
Ubuntu 20.04 (Focal Fossa):DNE
Package
Upstream:released (5.1~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):needs-triage
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan Ermine):DNE
Ubuntu 20.04 (Focal Fossa):DNE
Package
Upstream:released (5.1~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):pending (4.15.0-1041.43)
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan Ermine):DNE
Ubuntu 20.04 (Focal Fossa):DNE
Package
Upstream:released (5.1~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (5.0.0-1011.11~18.04.1)
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan Ermine):DNE
Ubuntu 20.04 (Focal Fossa):DNE
Package
Upstream:released (5.1~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):pending (4.15.0-60.67~16.04.1)
Ubuntu 18.04 LTS (Bionic Beaver):pending (5.0.0-23.24~18.04.1)
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan Ermine):DNE
Ubuntu 20.04 (Focal Fossa):DNE
Package
Upstream:released (5.1~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):pending (4.15.0-60.67~16.04.1)
Ubuntu 18.04 LTS (Bionic Beaver):ignored (was pending [5.3.0-19.20~18.04.2] now end-of-life)
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan Ermine):DNE
Ubuntu 20.04 (Focal Fossa):DNE
Package
Upstream:released (5.1~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):pending (4.4.0-1052.59)
Ubuntu 18.04 LTS (Bionic Beaver):pending (4.15.0-1043.43)
Ubuntu 19.04 (Disco Dingo):pending (5.0.0-1011.12)
Ubuntu 19.10 (Eoan Ermine):not-affected (5.0.0-1011.12)
Ubuntu 20.04 (Focal Fossa):not-affected
Package
Upstream:released (5.1~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):not-affected (3.13.0-24.46~precise1)
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan Ermine):DNE
Ubuntu 20.04 (Focal Fossa):DNE
Package
Upstream:released (5.1~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):pending (4.4.0-164.192~14.04.1)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan Ermine):DNE
Ubuntu 20.04 (Focal Fossa):DNE
Package
Upstream:released (5.1~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):ignored (was needs-triage now end-of-life)
Ubuntu 18.04 LTS (Bionic Beaver):pending (4.15.0-1056.65)
Ubuntu 19.04 (Disco Dingo):pending (4.15.0-1056.65)
Ubuntu 19.10 (Eoan Ermine):pending (4.15.0-1059.68)
Ubuntu 20.04 (Focal Fossa):not-affected
Package
Upstream:released (5.1~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):pending (5.0.0-1015.16)
Ubuntu 19.04 (Disco Dingo):pending (5.0.0-1015.16)
Ubuntu 19.10 (Eoan Ermine):pending (5.0.0-1018.20)
Ubuntu 20.04 (Focal Fossa):not-affected
Package
Upstream:released (5.1~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):pending (4.15.0-1022.25~16.04.1)
Ubuntu 18.04 LTS (Bionic Beaver):pending (4.15.0-1022.25)
Ubuntu 19.04 (Disco Dingo):pending (5.0.0-1004.8)
Ubuntu 19.10 (Eoan Ermine):not-affected (5.3.0-1002.2)
Ubuntu 20.04 (Focal Fossa):not-affected
Package
Upstream:released (5.1~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (5.0.0-1007.12~18.04.1)
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan Ermine):DNE
Ubuntu 20.04 (Focal Fossa):DNE
Package
Upstream:released (5.1~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):pending (4.4.0-1117.126)
Ubuntu 18.04 LTS (Bionic Beaver):pending (4.15.0-1044.47)
Ubuntu 19.04 (Disco Dingo):pending (5.0.0-1013.13)
Ubuntu 19.10 (Eoan Ermine):not-affected (5.0.0-1013.13)
Ubuntu 20.04 (Focal Fossa):not-affected
Package
Upstream:released (5.1~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):pending (4.4.0-1121.127)
Ubuntu 18.04 LTS (Bionic Beaver):pending (4.15.0-1062.69)
Ubuntu 19.04 (Disco Dingo):pending (5.0.0-1017.18)
Ubuntu 19.10 (Eoan Ermine):DNE
Ubuntu 20.04 (Focal Fossa):DNE
More Information

Updated: 2019-12-06 01:15:30 UTC (commit be3411dae570c7f9feeb8a3a68f54cc16c0d19d7)