Debian update for linux
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 2 |
| CVE-ID | CVE-2019-13272 CVE-2019-11478 |
| CWE-ID | CWE-264 CWE-400 |
| Exploitation vector | Network |
| Public exploit | Vulnerability #1 is being exploited in the wild. |
| Vulnerable software |
linux (Debian package) Operating systems & Components / Operating system package or component |
| Vendor | Debian |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
1) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU19284
Risk: Low
CVSSv4.0: 7.3 [CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Clear]
CVE-ID: CVE-2019-13272
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: Yes
DescriptionUpdate linux package to one of the following versions: 4.9.168-1+deb9u4, 4.19.37-5+deb10u1.
Vulnerable software versionslinux (Debian package): 4.9.168-1+deb9u2 - 4.9.168-1+deb9u3
CPE2.3- cpe:2.3:o:debian:linux_debian_package:4.9.168-1 deb9u2:*:*:*:*:debian_linux:*:*
- cpe:2.3:o:debian:linux_debian_package:4.9.168-1 deb9u3:*:*:*:*:debian_linux:*:*
https://www.debian.org/security/2019/dsa-4484
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
Yes. This vulnerability is being exploited in the wild.
2) Resource exhaustion
EUVDB-ID: #VU18946
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2019-11478
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform denial of service (DoS) attack.
The vulnerability exists due to an error when processing TCP Selective Acknowledgment (SACK) sequences within the Linux kernel TCP retransmission queue implementation in tcp_fragment. A remote non-authenticated attacker can send specially crafted network traffic to the affected system and perform a denial of service (DoS) attack.
Mitigation
Update linux package to one of the following versions: 4.9.168-1+deb9u4, 4.19.37-5+deb10u1.
Vulnerable software versionslinux (Debian package): 4.9.168-1+deb9u2 - 4.9.168-1+deb9u3
CPE2.3- cpe:2.3:o:debian:linux_debian_package:4.9.168-1 deb9u2:*:*:*:*:debian_linux:*:*
- cpe:2.3:o:debian:linux_debian_package:4.9.168-1 deb9u3:*:*:*:*:debian_linux:*:*
https://www.debian.org/security/2019/dsa-4484
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
