TROYANOSYVIRUS
Retour aux CVEs

CVE-2019-3874

MEDIUM
6.5

Description

The SCTP socket buffer used by a userspace application is not accounted by the cgroups subsystem. An attacker can use this flaw to cause a denial of service attack. Kernel 3.10.x and 4.18.x branches are believed to be vulnerable.

Details CVE

Score CVSS v3.16.5
SeveriteMEDIUM
Vecteur CVSSCVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Vecteur d'attaqueADJACENT_NETWORK
ComplexiteLOW
Privileges requisNONE
Interaction utilisateurNONE
Publie3/25/2019
Derniere modification11/21/2024
Sourcenvd
Observations honeypot0

Produits affectes

canonical:ubuntu_linuxdebian:debian_linuxlinux:linux_kernelnetapp:active_iq_unified_manager_for_vmware_vspherenetapp:cn1610netapp:cn1610_firmwarenetapp:hci_management_nodenetapp:snapprotectnetapp:solidfireredhat:enterprise_linux

Faiblesses (CWE)

CWE-400

References

https://access.redhat.com/errata/RHSA-2019:3309(secalert@redhat.com)
https://access.redhat.com/errata/RHSA-2019:3517(secalert@redhat.com)
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3874(secalert@redhat.com)
https://lists.debian.org/debian-lts-announce/2020/09/msg00025.html(secalert@redhat.com)
https://security.netapp.com/advisory/ntap-20190411-0003/(secalert@redhat.com)
https://usn.ubuntu.com/3979-1/(secalert@redhat.com)
https://usn.ubuntu.com/3980-1/(secalert@redhat.com)
https://usn.ubuntu.com/3980-2/(secalert@redhat.com)
https://usn.ubuntu.com/3981-1/(secalert@redhat.com)
https://usn.ubuntu.com/3981-2/(secalert@redhat.com)
https://usn.ubuntu.com/3982-1/(secalert@redhat.com)
https://usn.ubuntu.com/3982-2/(secalert@redhat.com)
https://www.oracle.com/security-alerts/cpuApr2021.html(secalert@redhat.com)
https://access.redhat.com/errata/RHSA-2019:3309(af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2019:3517(af854a3a-2127-422b-91ae-364da2661108)
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3874(af854a3a-2127-422b-91ae-364da2661108)
https://lists.debian.org/debian-lts-announce/2020/09/msg00025.html(af854a3a-2127-422b-91ae-364da2661108)
https://security.netapp.com/advisory/ntap-20190411-0003/(af854a3a-2127-422b-91ae-364da2661108)
https://usn.ubuntu.com/3979-1/(af854a3a-2127-422b-91ae-364da2661108)
https://usn.ubuntu.com/3980-1/(af854a3a-2127-422b-91ae-364da2661108)
https://usn.ubuntu.com/3980-2/(af854a3a-2127-422b-91ae-364da2661108)
https://usn.ubuntu.com/3981-1/(af854a3a-2127-422b-91ae-364da2661108)
https://usn.ubuntu.com/3981-2/(af854a3a-2127-422b-91ae-364da2661108)
https://usn.ubuntu.com/3982-1/(af854a3a-2127-422b-91ae-364da2661108)
https://usn.ubuntu.com/3982-2/(af854a3a-2127-422b-91ae-364da2661108)
https://www.oracle.com/security-alerts/cpuApr2021.html(af854a3a-2127-422b-91ae-364da2661108)

Correlations IOC

Aucune correlation enregistree

This product uses data from the NVD API but is not endorsed or certified by the NVD.