VMwareVMSA-2019-0010.3VMware product updates address Linux kernel vulnerabilities in TCP Selective Acknowledgement (SACK) (CVE-2019-11477, CVE-2019-11478)
0.972 High
EPSS
Percentile
99.8%
3. Linux kernel vulnerabilities in TCP Selective Acknowledgement (SACK) CVE-2019-11477, CVE-2019-11478
CVE-2019-11477 - SACK Panic - A sequence of SACKs may be crafted such that one can trigger an integer overflow, leading to a kernel panic. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.5. CVE-2019-11478 - SACK Excess Resource Usage - a crafted sequence of SACKs will fragment the TCP retransmission queue, causing resource exhaustion. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 5.3.
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11477
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11478
docs.vmware.com/en/VMware-AppDefense/221/rn/appdefense-plugin-221-release-notes.html
docs.vmware.com/en/VMware-Enterprise-PKS/1.3/rn/VMware-PKS-13-Release-Notes.html#v1.3.7
github.com/vmware/container-service-extension/releases/tag/2.5.0
kb.vmware.com/s/article/70892
kb.vmware.com/s/article/70899
kb.vmware.com/s/article/70900
kb.vmware.com/s/article/71029
kb.vmware.com/s/article/71311
kb.vmware.com/s/article/77078
kb.vmware.com/s/article/77201
my.vmware.com/en/web/vmware/downloads/details?downloadGroup=VRLI-811&productId=993&rPId=47157
my.vmware.com/en/web/vmware/downloads/details?downloadGroup=VROPS-800&productId=940&rPId=40733
my.vmware.com/en/web/vmware/info/slug/datacenter_cloud_infrastructure/vmware_hcx/3_5_2
my.vmware.com/web/vmware/details?downloadGroup=APPDEFENSE-221&productId=742&rPId=35078
my.vmware.com/web/vmware/details?downloadGroup=SD-WAN-EDGE-330&productId=899&rPId=34579
my.vmware.com/web/vmware/details?downloadGroup=SD-WAN-ORC-330-2&productId=899&rPId=34580
my.vmware.com/web/vmware/details?downloadGroup=SD-WAN-VCG-330&productId=899&rPId=34582
my.vmware.com/web/vmware/details?downloadGroup=SRM8201&productId=889&rPId=35694
my.vmware.com/web/vmware/details?downloadGroup=UAG-36&productId=897&rPId=34577
my.vmware.com/web/vmware/details?downloadGroup=UMSV41&productId=929&rPId=37630
my.vmware.com/web/vmware/details?downloadGroup=VC60U3J&productId=491&rPId=38009
my.vmware.com/web/vmware/details?downloadGroup=VC65U3&productId=614&rPId=34639
my.vmware.com/web/vmware/details?downloadGroup=VC67U2C&productId=742&rPId=34693
my.vmware.com/web/vmware/details?downloadGroup=VCAV3&productId=872&rPId=34687
my.vmware.com/web/vmware/details?downloadGroup=VIDM_ONPREM_3310&productId=938&rPId=40716
my.vmware.com/web/vmware/details?downloadGroup=VIO-4123&productId=709&rPId=36084
my.vmware.com/web/vmware/details?downloadGroup=VIO-5103&productId=821&rPId=36089
my.vmware.com/web/vmware/details?downloadGroup=VR6514&productId=614&rPId=35279
my.vmware.com/web/vmware/details?downloadGroup=VR8201&productId=742&rPId=35626
my.vmware.com/web/vmware/details?downloadGroup=VRNI-420&productId=832&rPId=35011
my.vmware.com/web/vmware/details?productId=804&downloadGroup=VSPP_VCD9504
my.vmware.com/web/vmware/details?productId=843&rPId=37633&downloadGroup=VIC153
my.vmware.com/web/vmware/details?productId=867&downloadGroup=VSPP_VCD9702
my.vmware.com/web/vmware/details?productId=938&rPId=40713&downloadGroup=VRSLCM-800
network.pivotal.io/products/pivotal-container-service/#/releases/384407
network.pivotal.io/products/pivotal-container-service/#/releases/473809
Related
