Search Results (Refine Search)
- CPE Product Version: cpe:/o:linux:linux_kernel:5.1:rc5
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2019-18805 |
An issue was discovered in net/ipv4/sysctl_net_ipv4.c in the Linux kernel before 5.0.11. There is a net/ipv4/tcp_input.c signed integer overflow in tcp_ack_update_rtt() when userspace writes a very large integer to /proc/sys/net/ipv4/tcp_min_rtt_wlen, leading to a denial of service or possibly unspecified other impact, aka CID-19fad20d15a6. Published: November 07, 2019; 9:15:11 AM -0500 |
V3.1: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2019-3900 |
An infinite loop issue was found in the vhost_net kernel module in Linux Kernel up to and including v5.1-rc6, while handling incoming packets in handle_rx(). It could occur if one end sends packets faster than the other end can process them. A guest user, maybe remote one, could use this flaw to stall the vhost_net kernel thread, resulting in a DoS scenario. Published: April 25, 2019; 11:29:00 AM -0400 |
V3.1: 7.7 HIGH V2.0: 6.8 MEDIUM |