retired/CVE-2019-11815


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15

Description: net: rds: force to destroy connection if t_sock is NULL in rds_tcp_kill_sock()
References:
Notes:
 bwh> Introduced in 4.3 by commit 467fa15356ac "RDS-TCP: Support multiple
 bwh> RDS-TCP listen endpoints, one per netns."  Debian disables auto-
 bwh> loading of rds which mitigates this on systems that don't normally
 bwh> use it.
Bugs: https://bugs.debian.org/928989
upstream: released (5.1-rc4) [cb66ddd156203daefb8d71158036b27b0e2caf63]
4.19-upstream-stable: released (4.19.35) [78b4bf26a8a76569fd6d0b47d98fb553c333b06f]
4.9-upstream-stable: released (4.9.169) [a1aa69beac4d88dfb892a95ee04fe6f932803952]
3.16-upstream-stable: N/A "Vulnerable code introduced later"
sid: released (4.19.37-1)
4.9-stretch-security: released (4.9.168-1+deb9u3) [bugfix/all/net-rds-force-to-destroy-connection-if-t_sock-is-nul.patch]
3.16-jessie-security: N/A "Vulnerable code introduced later"