CVE-2019-11683
Description
udp_gro_receive_segment in net/ipv4/udp_offload.c in the Linux kernel 5.x before 5.0.13 allows remote attackers to cause a denial of service (slab-out-of-bounds memory corruption) or possibly have unspecified other impact via UDP packets with a 0 payload, because of mishandling of padded packets, aka the GRO packet of death issue.
Risk Information
Base Score
9.8
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
10.375
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Linux kernel (0051-1) linux-image-aws_5.0.0.1006.6_amd64.deb | Linux |
| Linux kernel (0051-1) linux-image-gcp_5.0.0.1006.6_amd64.deb | Linux |
| Linux kernel (0051-1) linux-image-gke_5.0.0.1006.6_amd64.deb | Linux |
| Linux kernel (0051-1) linux-image-kvm_5.0.0.1006.6_amd64.deb | Linux |
| Linux kernel (0051-1) linux-image-azure_5.0.0.1006.6_amd64.deb | Linux |
| Linux kernel (0051-1) linux-image-generic_5.0.0.15.16_i386.deb | Linux |
| Linux kernel (0051-1) linux-image-generic_5.0.0.15.16_amd64.deb | Linux |
| Linux kernel (0051-1) linux-image-virtual_5.0.0.15.16_i386.deb | Linux |
| Linux kernel (0051-1) linux-image-virtual_5.0.0.15.16_amd64.deb | Linux |
| Linux kernel (0051-1) linux-image-lowlatency_5.0.0.15.16_i386.deb | Linux |
| Linux kernel (0051-1) linux-image-lowlatency_5.0.0.15.16_amd64.deb | Linux |
| Linux kernel (0051-1) linux-image-5.0.0-1006-aws_5.0.0-1006.6_amd64.deb | Linux |
| Linux kernel (0051-1) linux-image-5.0.0-1006-gcp_5.0.0-1006.6_amd64.deb | Linux |
| Linux kernel (0051-1) linux-image-5.0.0-1006-kvm_5.0.0-1006.6_amd64.deb | Linux |
| Linux kernel (0051-1) linux-image-5.0.0-1006-azure_5.0.0-1006.6_amd64.deb | Linux |
| Linux kernel (0051-1) linux-image-5.0.0-15-generic_5.0.0-15.16_i386.deb | Linux |
| Linux kernel (0051-1) linux-image-5.0.0-15-generic_5.0.0-15.16_amd64.deb | Linux |
| Linux kernel (0051-1) linux-image-5.0.0-15-lowlatency_5.0.0-15.16_i386.deb | Linux |
| Linux kernel (0051-1) linux-image-5.0.0-15-lowlatency_5.0.0-15.16_amd64.deb | Linux |
| Linux kernel (USN-3979-1) linux-image-5.0.0-1006-aws_5.0.0-1006.6_amd64.deb | Linux |
| Linux kernel (USN-3979-1) linux-image-5.0.0-1006-gcp_5.0.0-1006.6_amd64.deb | Linux |
| Linux kernel (USN-3979-1) linux-image-5.0.0-1006-kvm_5.0.0-1006.6_amd64.deb | Linux |
| Linux kernel (USN-3979-1) linux-image-5.0.0-1006-azure_5.0.0-1006.6_amd64.deb | Linux |
| Linux kernel (USN-3979-1) linux-image-5.0.0-15-generic_5.0.0-15.16_i386.deb | Linux |
| Linux kernel (USN-3979-1) linux-image-5.0.0-15-generic_5.0.0-15.16_amd64.deb | Linux |
| Linux kernel (USN-3979-1) linux-image-5.0.0-15-lowlatency_5.0.0-15.16_i386.deb | Linux |
| Linux kernel (USN-3979-1) linux-image-5.0.0-15-lowlatency_5.0.0-15.16_amd64.deb | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234