Rewterz Threat Alert – Agent Tesla Email Campaign Stealing Information
June 17, 2019Rewterz Threat Advisory – CVE-2019-1040 – Windows NTLM Tampering Vulnerability
June 18, 2019Rewterz Threat Alert – Agent Tesla Email Campaign Stealing Information
June 17, 2019Rewterz Threat Advisory – CVE-2019-1040 – Windows NTLM Tampering Vulnerability
June 18, 2019Severity
Medium
Analysis Summary
1) An integer overflow error related to the “tcp_shifted_skb()” function (net/ipv4/tcp_input.c) when handling TCP Selective Acknowledgement (SACK) segments with minimum TCP MSS values can be exploited to cause a crash via specially crafted SACKs.
2) An error related to the “tcp_fragment()” function (net/ipv4/tcp_output.c) can be exploited to exhaust available memory resources via specially crafted SACKs.
3) An error related to the “tcp_mtu_probing()” function (net/ipv4/tcp_timer.c) when handling minimum TCP MSS values can be exploited to cause a DoS condition.
CVE-2019-11479
CVE-2019-11478
CVE-2019-11477
Impact
Denial of Service
Affected Vendors
Linux
Affected Products
- Linux Kernel 3.16.x
- Linux Kernel 4.4.x
- Linux Kernel 4.9.x
- Linux Kernel 4.14.x
- Linux Kernel 4.19.x
- Linux Kernel 5.1.x
Remediation
Update to a fixed version if available.
Versions 5.1.x:
Update to version 5.1.11.
Versions 4.19.x:
Update to version 4.19.52.
Versions 4.14.x:
Update to version 4.14.127.
Versions 4.9.x:
Update to version 4.9.182.
Versions 4.4.x:
Update to version 4.4.182.
Versions 3.16.x:
No official solution is currently available.