CVE-2019-11683
Published: 2 May 2019
udp_gro_receive_segment in net/ipv4/udp_offload.c in the Linux kernel 5.x before 5.0.13 allows remote attackers to cause a denial of service (slab-out-of-bounds memory corruption) or possibly have unspecified other impact via UDP packets with a 0 payload, because of mishandling of padded packets, aka the "GRO packet of death" issue.
From the Ubuntu Security Team
It was discovered that the IPv4 generic receive offload (GRO) for UDP implementation in the Linux kernel did not properly handle padded packets. A remote attacker could use this to cause a denial of service (system crash).
Notes
| Author | Note |
|---|---|
| tyhicks | The receiving socket has to have the UDP_GRO socket option explicitly enabled with a call to setsockopt(2). UDP sockets are not vulnerable to this attack by default. |
Priority
Status
| Package | Release | Status |
|---|---|---|
|
linux Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(4.13.0-16.19)
|
| cosmic |
Not vulnerable
(4.15.0-20.21)
|
|
| disco |
Released
(5.0.0-15.16)
|
|
| upstream |
Not vulnerable
(debian: Vulnerable code introduced later)
|
|
| xenial |
Not vulnerable
(4.2.0-16.19)
|
|
|
Patches: Introduced by e20cf8d3f1f763ad28a9cb3b41305b8a8a42653e |
||
|
linux-goldfish Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| cosmic |
Does not exist
|
|
| disco |
Does not exist
|
|
| upstream |
Released
(5.1)
|
|
| xenial |
Ignored
(end of life)
|
|
|
linux-flo Launchpad, Ubuntu, Debian |
upstream |
Released
(5.1)
|
| xenial |
Ignored
(abandoned)
|
|
| bionic |
Does not exist
|
|
| cosmic |
Does not exist
|
|
| disco |
Does not exist
|
|
|
linux-aws Launchpad, Ubuntu, Debian |
upstream |
Released
(5.1)
|
| xenial |
Not vulnerable
(4.4.0-1001.10)
|
|
| bionic |
Not vulnerable
(4.15.0-1001.1)
|
|
| cosmic |
Not vulnerable
(4.15.0-1007.7)
|
|
| disco |
Released
(5.0.0-1006.6)
|
|
|
linux-azure Launchpad, Ubuntu, Debian |
upstream |
Released
(5.1)
|
| xenial |
Not vulnerable
(4.11.0-1009.9)
|
|
| bionic |
Not vulnerable
(4.15.0-1002.2)
|
|
| cosmic |
Not vulnerable
(4.15.0-1009.9)
|
|
| disco |
Released
(5.0.0-1006.6)
|
|
|
linux-azure-edge Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(4.15.0-1002.2)
|
| cosmic |
Does not exist
|
|
| disco |
Does not exist
|
|
| upstream |
Released
(5.1)
|
|
| xenial |
Not vulnerable
(4.11.0-1009.9)
|
|
|
linux-aws-hwe Launchpad, Ubuntu, Debian |
upstream |
Released
(5.1)
|
| xenial |
Not vulnerable
(4.15.0-1030.31~16.04.1)
|
|
| bionic |
Does not exist
|
|
| cosmic |
Does not exist
|
|
| disco |
Does not exist
|
|
|
linux-oracle Launchpad, Ubuntu, Debian |
upstream |
Released
(5.1)
|
| bionic |
Not vulnerable
(4.15.0-1007.9)
|
|
| cosmic |
Not vulnerable
(4.15.0-1007.9)
|
|
| disco |
Not vulnerable
(4.15.0-1007.9)
|
|
| xenial |
Not vulnerable
(4.15.0-1007.9~16.04.1)
|
|
|
linux-euclid Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| cosmic |
Does not exist
|
|
| disco |
Does not exist
|
|
| upstream |
Released
(5.1)
|
|
| xenial |
Ignored
(end of life, was needs-triage)
|
|
|
linux-gcp Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(4.15.0-1001.1)
|
| cosmic |
Not vulnerable
(4.15.0-1006.6)
|
|
| disco |
Released
(5.0.0-1006.6)
|
|
| upstream |
Released
(5.1)
|
|
| xenial |
Not vulnerable
(4.10.0-1004.4)
|
|
|
linux-gcp-edge Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(4.18.0-1004.5~18.04.1)
|
| cosmic |
Does not exist
|
|
| disco |
Does not exist
|
|
| upstream |
Released
(5.1)
|
|
| xenial |
Does not exist
|
|
|
linux-gke Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| cosmic |
Does not exist
|
|
| disco |
Does not exist
|
|
| upstream |
Released
(5.1)
|
|
| xenial |
Ignored
(end of standard support)
|
|
|
linux-gke-4.15 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(4.15.0-1030.32)
|
| disco |
Does not exist
|
|
| upstream |
Released
(5.1)
|
|
| xenial |
Does not exist
|
|
|
linux-gke-5.0 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(5.0.0-1011.11~18.04.1)
|
| disco |
Does not exist
|
|
| upstream |
Released
(5.1)
|
|
| xenial |
Does not exist
|
|
|
linux-grouper Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| cosmic |
Does not exist
|
|
| disco |
Does not exist
|
|
| upstream |
Released
(5.1)
|
|
| xenial |
Does not exist
|
|
|
linux-hwe Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(4.18.0-13.14~18.04.1)
|
| cosmic |
Does not exist
|
|
| disco |
Does not exist
|
|
| upstream |
Released
(5.1)
|
|
| xenial |
Not vulnerable
(4.8.0-36.36~16.04.1)
|
|
|
linux-hwe-edge Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(5.0.0-15.16~18.04.1)
|
| cosmic |
Does not exist
|
|
| disco |
Does not exist
|
|
| upstream |
Released
(5.1)
|
|
| xenial |
Not vulnerable
(4.8.0-36.36~16.04.1)
|
|
|
linux-kvm Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(4.15.0-1002.2)
|
| cosmic |
Not vulnerable
(4.15.0-1008.8)
|
|
| disco |
Released
(5.0.0-1006.6)
|
|
| upstream |
Released
(5.1)
|
|
| xenial |
Not vulnerable
(4.4.0-1004.9)
|
|
|
linux-lts-trusty Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| cosmic |
Does not exist
|
|
| disco |
Does not exist
|
|
| upstream |
Released
(5.1)
|
|
| xenial |
Does not exist
|
|
|
linux-lts-utopic Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| cosmic |
Does not exist
|
|
| disco |
Does not exist
|
|
| upstream |
Released
(5.1)
|
|
| xenial |
Does not exist
|
|
|
linux-lts-vivid Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| cosmic |
Does not exist
|
|
| disco |
Does not exist
|
|
| upstream |
Released
(5.1)
|
|
| xenial |
Does not exist
|
|
|
linux-lts-wily Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| cosmic |
Does not exist
|
|
| disco |
Does not exist
|
|
| upstream |
Released
(5.1)
|
|
| xenial |
Does not exist
|
|
|
linux-lts-xenial Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| cosmic |
Does not exist
|
|
| disco |
Does not exist
|
|
| upstream |
Released
(5.1)
|
|
| xenial |
Does not exist
|
|
|
linux-maguro Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| cosmic |
Does not exist
|
|
| disco |
Does not exist
|
|
| upstream |
Released
(5.1)
|
|
| xenial |
Does not exist
|
|
|
linux-mako Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| cosmic |
Does not exist
|
|
| disco |
Does not exist
|
|
| upstream |
Released
(5.1)
|
|
| xenial |
Ignored
(abandoned)
|
|
|
linux-manta Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| cosmic |
Does not exist
|
|
| disco |
Does not exist
|
|
| upstream |
Released
(5.1)
|
|
| xenial |
Does not exist
|
|
|
linux-oem Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(4.15.0-1002.3)
|
| cosmic |
Not vulnerable
(4.15.0-1004.5)
|
|
| disco |
Not vulnerable
(4.15.0-1021.24)
|
|
| upstream |
Released
(5.1)
|
|
| xenial |
Ignored
(end of standard support, was needs-triage)
|
|
|
linux-raspi2 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(4.13.0-1005.5)
|
| cosmic |
Not vulnerable
(4.15.0-1010.11)
|
|
| disco |
Released
(5.0.0-1008.8)
|
|
| upstream |
Released
(5.1)
|
|
| xenial |
Not vulnerable
(4.2.0-1013.19)
|
|
|
linux-snapdragon Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(4.4.0-1077.82)
|
| cosmic |
Does not exist
|
|
| disco |
Released
(5.0.0-1012.12)
|
|
| upstream |
Released
(5.1)
|
|
| xenial |
Not vulnerable
(4.4.0-1012.12)
|
|
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score | 9.8 |
| Attack vector | Network |
| Attack complexity | Low |
| Privileges required | None |
| User interaction | None |
| Scope | Unchanged |
| Confidentiality | High |
| Integrity impact | High |
| Availability impact | High |
| Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11683
- http://www.openwall.com/lists/oss-security/2019/05/02/1
- https://git.kernel.org/linus/4dd2b82d5adfbe0b1587ccad7a8f76d826120f37
- https://www.spinics.net/lists/netdev/msg568315.html
- https://ubuntu.com/security/notices/USN-3979-1
- NVD
- Launchpad
- Debian