3 matches found
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003672)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003672 advisory. Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. This allows a remote peer to fragment TCP resend queues significantly more th...
Security Bulletin: IBM RackSwitch firmware products are affected by TCP denial of service vulnarabilities
Summary The IBM RackSwitch firmware products listed below have addressed the following TCP denial of service vulnerabilities. Vulnerability Details CVEID: CVE-2019-11478 DESCRIPTION: Jonathan Looney discovered that the TCP retransmission queue implementation in tcpfragment in the Linux kernel cou...
CVE-2019-11479
Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. This allows a remote peer to fragment TCP resend queues significantly more than if a larger MSS were enforced. A remote attacker could use this to cause a denial of service. This has been fixed in stable kerne...