Ruckus Wireless ICX Switches Allocation of Resources Without Limits or Throttling (CVE-2019-11479)

high Tenable OT Security Plugin ID 503333

Synopsis

The remote OT asset is affected by a vulnerability.

Description

Three flaws were found in the Linux kernel's handling of TCP networking. The most severe vulnerability could allow a remote attacker to trigger a kernel panic in systems running the affected software and, as a result, impact the system's availability. The issues have been assigned multiple CVEs: CVE-2019-11479, CVE-2019-11478 and CVE-2019-11479. They are all considered HIGH severity. The first two are related to Selective Acknowledgement (SACK) packets combined with the Maximum Segment Size (MSS); the third relates solely to the Maximum Segment Size (MSS). A remote attacker can use these flaws to cause a denial of service (DoS) by sending a sequence of crafted packets on a TCP connection.


This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

Solution

Refer to the vendor advisory.

See Also

https://support.ruckuswireless.com/security_bulletins/297

Plugin Details

Severity: High

ID: 503333

Version: 1.1

Type: remote

Family: Tenable.ot

Published: 9/29/2025

Updated: 9/29/2025

Supported Sensors: Tenable OT Security

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v3

Risk Factor: High

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Vulnerability Information

CPE: cpe:/o:ruckussecurity:icx7150_series_firmware, cpe:/o:ruckussecurity:icx7850_series_firmware, cpe:/o:ruckussecurity:icx6430_series_firmware, cpe:/o:ruckussecurity:icx7750_series_firmware, cpe:/o:ruckussecurity:icx7450_series_firmware, cpe:/o:ruckussecurity:icx6610_series_firmware, cpe:/o:ruckussecurity:icx6450_series_firmware, cpe:/o:ruckussecurity:icx7650_series_firmware, cpe:/o:ruckussecurity:icx7250_series_firmware

Required KB Items: Tenable.ot/RuckusWireless

Exploit Ease: No known exploits are available

Patch Publication Date: 8/15/2019

Vulnerability Publication Date: 8/15/2019

Reference Information

CVE: CVE-2019-11479

CWE: 405, 770