CVE-2019-5599
Linux / FreeBSD TCP-Based Denial of Service
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
In FreeBSD 12.0-STABLE before r349197 and 12.0-RELEASE before 12.0-RELEASE-p6, a bug in the non-default RACK TCP stack can allow an attacker to cause several linked lists to grow unbounded and cause an expensive list traversal on every packet being processed, leading to resource exhaustion and a denial of service.
En FreeBSD versión 12.0-STABLE anterior a r349197 y versión 12.0-RELEASE anterior a 12.0-RELEASE-p6, un bug en la pila de RACK TCP no predeterminada puede permitir a un atacante causar que varias listas vinculadas crezcan sin límites y causar un salto de lista costoso en cada paquete procesado, lo que conlleva al agotamiento de los recursos y una denegación de servicio.
While processing acknowledgements, the RACK code uses several linked lists to maintain state entries. A malicious attacker can cause the lists to grow unbounded. This can cause an expensive list traversal on every packet being processed, leading to resource exhaustion and a denial of service. An attacker with the ability to send specially crafted TCP traffic to a victim system can degrade network performance and/or consume excessive CPU by exploiting the inefficiency of traversing the potentially very large RACK linked lists with relatively small bandwidth cost.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2019-01-07 CVE Reserved
- 2019-06-18 CVE Published
- 2024-08-04 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-770: Allocation of Resources Without Limits or Throttling
CAPEC
References (10)
| URL | Tag | Source |
|---|---|---|
| http://packetstormsecurity.com/files/153329/Linux-FreeBSD-TCP-Based-Denial-Of-Service.html | Third Party Advisory |
|
| http://packetstormsecurity.com/files/153378/FreeBSD-Security-Advisory-FreeBSD-SA-19-08.rack.html | Third Party Advisory |
|
| http://www.openwall.com/lists/oss-security/2019/06/17/5 | Mailing List |
|
| https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md | Mitigation | |
| https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44193 | Third Party Advisory | |
| https://security.netapp.com/advisory/ntap-20190625-0004 | Third Party Advisory |
|
| https://support.f5.com/csp/article/K75521003 | Third Party Advisory | |
| https://www.kb.cert.org/vuls/id/905115 | Third Party Advisory |
|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://seclists.org/bugtraq/2019/Jun/27 | 2020-08-24 |
| URL | Date | SRC |
|---|---|---|
| https://security.FreeBSD.org/advisories/FreeBSD-SA-19:08.rack.asc | 2020-08-24 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | 12.0 Search vendor "Freebsd" for product "Freebsd" and version "12.0" | - |
Affected
| ||||||
| Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | 12.0 Search vendor "Freebsd" for product "Freebsd" and version "12.0" | p1 |
Affected
| ||||||
| Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | 12.0 Search vendor "Freebsd" for product "Freebsd" and version "12.0" | p2 |
Affected
| ||||||
| Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | 12.0 Search vendor "Freebsd" for product "Freebsd" and version "12.0" | p3 |
Affected
| ||||||
| Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | 12.0 Search vendor "Freebsd" for product "Freebsd" and version "12.0" | p4 |
Affected
| ||||||
| Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | 12.0 Search vendor "Freebsd" for product "Freebsd" and version "12.0" | p5 |
Affected
| ||||||