← Back to CVEs
CVE-2019-3874
MEDIUM6.5
Description
The SCTP socket buffer used by a userspace application is not accounted by the cgroups subsystem. An attacker can use this flaw to cause a denial of service attack. Kernel 3.10.x and 4.18.x branches are believed to be vulnerable.
CVE Details
CVSS v3.1 Score6.5
SeverityMEDIUM
CVSS VectorCVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack VectorADJACENT_NETWORK
ComplexityLOW
Privileges RequiredNONE
User InteractionNONE
Published3/25/2019
Last Modified11/21/2024
Sourcenvd
Honeypot Sightings0
Affected Products
canonical:ubuntu_linuxdebian:debian_linuxlinux:linux_kernelnetapp:active_iq_unified_manager_for_vmware_vspherenetapp:cn1610netapp:cn1610_firmwarenetapp:hci_management_nodenetapp:snapprotectnetapp:solidfireredhat:enterprise_linux
Weaknesses (CWE)
CWE-400
References
https://access.redhat.com/errata/RHSA-2019:3309(secalert@redhat.com)
https://access.redhat.com/errata/RHSA-2019:3517(secalert@redhat.com)
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3874(secalert@redhat.com)
https://lists.debian.org/debian-lts-announce/2020/09/msg00025.html(secalert@redhat.com)
https://security.netapp.com/advisory/ntap-20190411-0003/(secalert@redhat.com)
https://usn.ubuntu.com/3979-1/(secalert@redhat.com)
https://usn.ubuntu.com/3980-1/(secalert@redhat.com)
https://usn.ubuntu.com/3980-2/(secalert@redhat.com)
https://usn.ubuntu.com/3981-1/(secalert@redhat.com)
https://usn.ubuntu.com/3981-2/(secalert@redhat.com)
https://usn.ubuntu.com/3982-1/(secalert@redhat.com)
https://usn.ubuntu.com/3982-2/(secalert@redhat.com)
https://www.oracle.com/security-alerts/cpuApr2021.html(secalert@redhat.com)
https://access.redhat.com/errata/RHSA-2019:3309(af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2019:3517(af854a3a-2127-422b-91ae-364da2661108)
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3874(af854a3a-2127-422b-91ae-364da2661108)
https://lists.debian.org/debian-lts-announce/2020/09/msg00025.html(af854a3a-2127-422b-91ae-364da2661108)
https://security.netapp.com/advisory/ntap-20190411-0003/(af854a3a-2127-422b-91ae-364da2661108)
https://usn.ubuntu.com/3979-1/(af854a3a-2127-422b-91ae-364da2661108)
https://usn.ubuntu.com/3980-1/(af854a3a-2127-422b-91ae-364da2661108)
https://usn.ubuntu.com/3980-2/(af854a3a-2127-422b-91ae-364da2661108)
https://usn.ubuntu.com/3981-1/(af854a3a-2127-422b-91ae-364da2661108)
https://usn.ubuntu.com/3981-2/(af854a3a-2127-422b-91ae-364da2661108)
https://usn.ubuntu.com/3982-1/(af854a3a-2127-422b-91ae-364da2661108)
https://usn.ubuntu.com/3982-2/(af854a3a-2127-422b-91ae-364da2661108)
https://www.oracle.com/security-alerts/cpuApr2021.html(af854a3a-2127-422b-91ae-364da2661108)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.