Rapid7’s 2026 Global Cybersecurity Summit is now available on-demand.Watch sessions.
Rapid7

vulnerability

Red Hat: CVE-2019-6477: TCP Pipelining doesn't limit TCP clients on a single connection (Multiple Advisories)

Try Surface Command
Back to search
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:P)
Published
Nov 26, 2019
Added
Apr 1, 2020
Modified
Mar 27, 2026

Description

With pipelining enabled each incoming query on a TCP connection requires a similar resource allocation to a query received via UDP or via TCP without pipelining enabled. A client using a TCP-pipelined connection to a server could consume more resources than the server has been provisioned to handle. When a TCP connection with a large number of pipelined queries is closed, the load on the server releasing these multiple resources can cause it to become unresponsive, even for queries that can be answered authoritatively or from cache. (This is most likely to be perceived as an intermittent server problem).

Solutions

redhat-upgrade-bindredhat-upgrade-bind-chrootredhat-upgrade-bind-debuginforedhat-upgrade-bind-debugsourceredhat-upgrade-bind-develredhat-upgrade-bind-export-develredhat-upgrade-bind-export-libsredhat-upgrade-bind-export-libs-debuginforedhat-upgrade-bind-libsredhat-upgrade-bind-libs-debuginforedhat-upgrade-bind-libs-literedhat-upgrade-bind-libs-lite-debuginforedhat-upgrade-bind-licenseredhat-upgrade-bind-lite-develredhat-upgrade-bind-pkcs11redhat-upgrade-bind-pkcs11-debuginforedhat-upgrade-bind-pkcs11-develredhat-upgrade-bind-pkcs11-libsredhat-upgrade-bind-pkcs11-libs-debuginforedhat-upgrade-bind-pkcs11-utilsredhat-upgrade-bind-pkcs11-utils-debuginforedhat-upgrade-bind-sdbredhat-upgrade-bind-sdb-chrootredhat-upgrade-bind-sdb-debuginforedhat-upgrade-bind-utilsredhat-upgrade-bind-utils-debuginforedhat-upgrade-python3-bind

References

Title
Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report