SUSE SLES12 Security Update : kernel (SUSE-SU-2019:1527-1) (SACK Panic) (SACK Slowness)

The SUSE Linux Enterprise 12 SP3 kernel was updated to 4.4.180 to receive various security and bugfixes. The following security bugs were fixed : CVE-2019-11477: A sequence of SACKs may have been crafted such that one can trigger an integer overflow, leading to a kernel panic. bsc1137586...

Debian DLA-1823-1 : linux security update (SACK Panic) (SACK Slowness)

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2019-3846, CVE-2019-10126 huangwen reported multiple buffer overflows in the Marvell wifi mwifiex driver, which a local user could use to cause...

SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2019:1529-1) (SACK Panic) (SACK Slowness)

The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2019-11477: A sequence of SACKs may have been crafted such that one can trigger an integer overflow, leading to a kernel panic. CVE-2019-11478: It was possible to...

SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2019:1530-1) (SACK Panic) (SACK Slowness)

The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2019-11477: A sequence of SACKs may have been crafted such that one can trigger an integer overflow, leading to a kernel panic. CVE-2019-11478: It was possibl...

SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2019:1535-1) (SACK Panic) (SACK Slowness)

The SUSE Linux Enterprise 15 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2019-11477: A sequence of SACKs may have been crafted such that one can trigger an integer overflow, leading to a kernel panic. CVE-2019-11478: It was...

Amazon Linux AMI : kernel (ALAS-2019-1222) (SACK Panic) (SACK Slowness)

CVE-2019-11477 , CVE-2019-11478 and CVE-2019-11479 describe vulnerabilities in the Linux kernel that can be remotely exploited using a specially crafted TCP connection, crashing the targeted system. The latest Amazon Linux AMIs as available in AWS EC2 already contain these kernels and are not...

RHEL 7 : kernel (RHSA-2019:1482)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:1482 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: An integer overflow flaw was found in...

SUSE SLES12 Security Update : kernel (SUSE-SU-2019:1536-1) (SACK Panic) (SACK Slowness)

The SUSE Linux Enterprise 12 SP4 kernel was updated to 4.12.14 to receive various security and bugfixes. The following security bugs were fixed : CVE-2019-11477: A sequence of SACKs may have been crafted such that one can trigger an integer overflow, leading to a kernel panic. CVE-2019-11479: An...

Vulnerabilities fixed in Linux kernel (SACK PANIC)

Netflix has identified a number of vulnerabilities in the Linux kernel. A malicious party could potentially exploit them to cause a denial-of-service. The vulnerabilities relate to the "minimum segment size" MMS and TCP Selective Acknowledgement SACK capabilities. The most serious of these...

Amazon Linux 2 : kernel (ALAS-2019-1222) (SACK Panic) (SACK Slowness)

CVE-2019-11477 , CVE-2019-11478 and CVE-2019-11479 describe vulnerabilities in the Linux kernel that can be remotely exploited using a specially crafted TCP connection, crashing the targeted system. The latest Amazon Linux 2 AMIs as available in AWS EC2 already contain these kernels and are not...

[SECURITY] [DLA 1823-1] linux security update

Package : linux Version : 3.16.68-2 CVE ID : CVE-2019-3846 CVE-2019-5489 CVE-2019-10126 CVE-2019-11477 CVE-2019-11478 CVE-2019-11479 CVE-2019-11810 CVE-2019-11833 CVE-2019-11884 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of...

SUSE-SU-2019:1534-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP2 kernel version 4.4.121 was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2019-11477: A sequence of SACKs may have been crafted by a remote attacker such that one can trigger an integer overflow, leading to a kernel...

SUSE-SU-2019:1530-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2019-11477: A sequence of SACKs may have been crafted such that one can trigger an integer overflow, leading to a kernel panic. - CVE-2019-11478: It was...

SUSE-SU-2019:1527-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP3 kernel was updated to 4.4.180 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2019-11477: A sequence of SACKs may have been crafted such that one can trigger an integer overflow, leading to a kernel panic. bsc1137586 -...

[ASA-201906-12] linux-hardened: denial of service

Arch Linux Security Advisory ASA-201906-12 ========================================== Severity: High Date : 2019-06-17 CVE-ID : CVE-2019-11477 CVE-2019-11478 CVE-2019-11479 Package : linux-hardened Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-986 Summary =======...

CVE-2018-7191

CVE-2018-7191 affects the Linux kernel tun subsystem prior to 4.13.14. Root cause: dev_get_valid_name is not called before register_netdevice, enabling a local user to trigger a NULL pointer dereference via ioctl(TUNSETIFF) with a device name containing a “/” character, potentially causing a deni...

Denial Of Service (DoS)

Linux kernel is vulnerable to denial of serviceDoS attacks. The xfsdinodeverify function in fs/xfs/libxfs/xfsinodebuf.c in the Linux kernel could cause a NULL pointer dereference in xfsilockattrmapshared function. An attacker could exploit this by mounting a crafted xfs filesystem image to cause ...

SUSE-SU-2019:1240-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 for Azure kernel was updated to receive various security and bugfixes. Four new speculative execution issues have been identified in Intel CPUs. bsc1111331 - CVE-2018-12126: Microarchitectural Store Buffer Data Sampling MSBDS - CVE-2018-12127: Microarchitectural Fill...

FreeBSD -- IPv6 fragment reassembly panic in pf(4)

Problem Description: A bug in the pf4 IPv6 fragment reassembly logic incorrectly uses the last extension header offset from the last received packet instead of from the first packet. Impact: Malicious IPv6 packets with different IPv6 extensions could cause a kernel panic or potentially a filterin...

FreeBSD-SA-19:05.pf

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-19:05.pf Security Advisory The FreeBSD Project Topic: IPv6 fragment reassembly panic in pf4 Category: contrib Module: pf Announced: 2019-05-14 Credits: Synackti...