[LINUX] English grammar for reading TCP SACK PANIC (CVE-2019-11477)

CVE-2019-11477 https://access.redhat.com/security/cve/CVE-2019-11477

An integer overflow flaw was found in the way the Linux kernel's networking subsystem processed TCP Selective Acknowledgment (SACK) segments. While processing SACK segments, the Linux kernel's socket buffer (SKB) data structure becomes fragmented. Each fragment is about TCP maximum segment size (MSS) bytes. To efficiently process SACK blocks, the Linux kernel merges multiple fragmented SKBs into one, potentially overflowing the variable holding the number of segments. A remote attacker could use this flaw to crash the Linux kernel by sending a crafted sequence of SACK segments on a TCP connection with small value of TCP MSS, resulting in a denial of service (DoS).

An integer overflow was found in the TCP SACK processing of the Linux kernel's network subsystem. The Linux kernel socket buffer (SKB) data structure is fragmented during SACK segment processing. Each fragment is about TCP maximum segment size (MSS) bytes. To handle SACK blocks efficiently, the Linux kernel merges several fragmented SKBs into one, which may overflow the variable holding the number of segments. A remote attacker could take advantage of this bug to launch a DoS (denial of service) attack by sending a specially crafted sequence of SACK segments over a TCP connection with a small TCP MSS.
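The overflow of "the variable holding the number of segments" described above can be seen in a small model. This is an added example, not kernel code and not from the Red Hat advisory or this post; the 16-bit counter width, the function names and the sample sizes are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
struct model_skb {  /* simplified model, not kernel code */
    uint32_t len;   /* payload bytes held */
    uint16_t segs;  /* segment count; the 16-bit width is this model's assumption */
};

/* Segments needed to carry len bytes at the given MSS (rounded up). */
static uint32_t segs_for(uint32_t len, uint32_t mss) {
    return (len + mss - 1) / mss;
}

/* Unchecked merge: the sum is silently truncated to 16 bits. */
static void merge_unchecked(struct model_skb *to, const struct model_skb *from) {
    to->len += from->len;
    to->segs = (uint16_t)(to->segs + from->segs);
}

/* Checked merge: add in a wider type and refuse a result that does not fit. */
static bool merge_checked(struct model_skb *to, const struct model_skb *from) {
    uint32_t total = (uint32_t)to->segs + from->segs;
    if (total > UINT16_MAX)
        return false;
    to->len += from->len;
    to->segs = (uint16_t)total;
    return true;
}

/* Merge n equal buffers without checks; returns the stored counter. */
static uint16_t run_unchecked(unsigned n, uint32_t frag_len, uint32_t mss) {
    struct model_skb to = {0, 0}, from = {frag_len, (uint16_t)segs_for(frag_len, mss)};
    for (unsigned i = 0; i < n; i++)
        merge_unchecked(&to, &from);
    return to.segs;
}

/* Same input with checks; returns how many buffers were accepted. */
static unsigned run_checked(unsigned n, uint32_t frag_len, uint32_t mss) {
    struct model_skb to = {0, 0}, from = {frag_len, (uint16_t)segs_for(frag_len, mss)};
    unsigned ok = 0;
    while (ok < n && merge_checked(&to, &from))
        ok++;
    return ok;
}

int main(void) {
    /* Constructed sample values: 40 buffers of 32000 bytes, MSS 16. */
    printf("unchecked=%u accepted=%u\n", (unsigned)run_unchecked(40, 32000, 16), run_checked(40, 32000, 16));
}
```

With these constructed values the merged data really spans 80000 segments, but the unchecked counter stores 14464; the checked version stops accepting merges once the count would no longer fit.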

Details

An integer overflow flaw was found in the way the Linux kernel's networking subsystem processed TCP Selective Acknowledgment (SACK) segments.

An integer overflow was found in the TCP SACK processing of the Linux kernel's network subsystem.

- "integer overflow flaw" translates as "integer overflow"
- Preposition in (image of being inside a container)
  - was found in the way the Linux kernel's networking subsystem processed TCP Selective Acknowledgment (SACK) segments
  - "the way the Linux kernel's networking subsystem processed TCP Selective Acknowledgment (SACK) segments" explains "found" from behind.

While processing SACK segments, the Linux kernel's socket buffer (SKB) data structure becomes fragmented.

During SACK segment processing, the Linux kernel's socket buffer (SKB) data structure becomes fragmented.

- Conjunction While (subordinate connection, image of contrast)
  - While processing SACK segments, the Linux kernel's socket buffer (SKB) data structure becomes fragmented
  - An image in which two events, "While processing SACK segments" and "the Linux kernel's socket buffer (SKB) data structure becomes fragmented", are constructed.

Each fragment is about TCP maximum segment size (MSS) bytes.

Each fragment is about TCP maximum segment size (MSS) bytes.

To efficiently process SACK blocks, the Linux kernel merges multiple fragmented SKBs into one, potentially overflowing the variable holding the number of segments.

To handle SACK blocks efficiently, the Linux kernel merges multiple fragmented SKBs into one, which may overflow the variable holding the number of segments.

- TO infinitive (to as subject)
  - To efficiently process SACK blocks
  - The TO infinitive in the noun position represents general content ("to do ~ means ...")
  - Efficient processing of SACK blocks means ~
- Preposition into (image of going inside)
  - multiple fragmented SKBs into one
  - "multiple fragmented SKBs" go inside "one"
- Preposition of (image of linking)
  - number of segments
  - Image of linking "number" to "segments"

A remote attacker could use this flaw to crash the Linux kernel by sending a crafted sequence of SACK segments on a TCP connection with small value of TCP MSS, resulting in a denial of service (DoS).

A remote attacker could take advantage of this bug to cause a DoS (denial of service) attack by sending a specially crafted sequence of SACK segments over a TCP connection with a small TCP MSS.

- "remote attacker" translates as "remote attacker"
- "flaw" translates as "defect"
- Auxiliary verb could (represents potential power)
  - A remote attacker could use this flaw
  - The image that "A remote attacker" can "potentially" use this bug
- TO infinitive (pointing image)
  - "use this flaw" is explained from behind by "crash the Linux kernel by sending a crafted sequence of SACK segments on a TCP connection with small value of TCP MSS"
- Preposition by (image of close distance)
  - crash the Linux kernel by sending a crafted sequence
  - Image of "crash the Linux kernel" by the method of "sending a crafted sequence"
- Preposition of (image of linking)
  - sending a crafted sequence of SACK segments
  - Image of "sending a crafted sequence" linked to "SACK segments"
- Preposition on (image of riding on)
  - SACK segments on a TCP connection
  - Image of "SACK segments" in contact with "TCP connection"
- Preposition with (image of connecting)
  - a TCP connection with small value
  - Image of "a TCP connection" and "small value" connected
- "Denial of service (DoS)" translates as "DoS (denial of service) attack"

English grammar used

Conjunction

- Combines multiple sentences to create a flow
- There are two rhythms, coordination and subordination.
- Coordination is an image of =
- Subordinate connection is an image of contrast

Auxiliary verb

- Adds the psychology of the speaker to the sentence

Preposition

- Small words that indicate positional relationships
- The image spreads explosively just by showing a very simple positional relationship

Verb-ING form

- Image of a lively and dynamic feeling
- Simultaneity
- Used as subject, object, modifier

TO infinitive

- to + base form of the verb
- Same pointing image as the preposition to
- Used as subject, object, modifier, with it, etc.
