SUSE SLES12 Security Update : kernel (SUSE-SU-2019:1668-1) (SACK Panic) (SACK Slowness)

This update for the Linux Kernel 3.12.74-6064107 fixes several issues. The following security issues were fixed : CVE-2019-3846: A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless netwo...

SUSE-SU-2019:1668-1 Security update for the Linux Kernel (Live Patch 32 for SLE 12 SP1)

This update for the Linux Kernel 3.12.74-6064107 fixes several issues. The following security issues were fixed: - CVE-2019-3846: A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless...

SUSE-SU-2019:1588-1 Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP1)

This update for the Linux Kernel 4.12.14-195 fixes several issues. The following security issues were fixed: - CVE-2019-3846: A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network...

RHEL 6 : kernel-rt (RHSA-2019:1487)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:1487 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...

openSUSE Security Update : the Linux Kernel (openSUSE-2019-1571) (SACK Panic) (SACK Slowness)

The openSUSE Leap 15.1 was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2019-11477: A sequence of SACKs may have been crafted by a remote attacker such that one can trigger an integer overflow, leading to a kernel panic. bsc1137586. -...

CentOS 7 : kernel (CESA-2019:1481) (SACK Panic) (SACK Slowness)

An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2019:1550-1) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout) (SACK Panic) (SACK Slowness) (Spectre)

The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2019-12819: The function mdiobusregister called putdevice, which triggered a fixedmdiobusinit use-after-free. This would cause a denial of service. bsc1138291...

CentOS 6 : kernel (CESA-2019:1488) (SACK Panic) (SACK Slowness)

An update for kernel is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

openSUSE Security Update : the Linux Kernel (openSUSE-2019-1579) (SACK Panic) (SACK Slowness)

The openSUSE Leap 15.0 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2019-11477: A sequence of SACKs may have been crafted by a remote attacker such that one can trigger an integer overflow, leading to a kernel panic. bsc1137586. -...

openSUSE Security Update : the Linux Kernel (openSUSE-2019-1570) (SACK Panic) (SACK Slowness)

Example: The openSUSE Leap 42.3 kernel was updated to 4.4.180 to receive various security and bugfixes. The following security bugs were fixed : - CVE-2019-11477: A sequence of SACKs may have been crafted by a remote attacker such that one can trigger an integer overflow, leading to a kernel pani...

Fedora 30 : kernel / kernel-headers (2019-6c3d89b3d0) (SACK Panic) (SACK Slowness)

Update to v5.1.11 - Fixes CVE-2019-11477 - Fixes CVE-2019-11479 - Fixes CVE-2019-11478 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible...

OracleVM 3.4 : Unbreakable / etc (OVMSA-2019-0026) (SACK Panic) (SACK Slowness)

The remote OracleVM system is missing necessary patches to address critical security updates : - Add CVE numbers for CVE-2019-11477 CVE-2019-11478 CVE-2019-11479 Chuck Anderson Orabug: 29890820 CVE-2019-11477 CVE-2019-11478 CVE-2019-11479 CVE-2019-11477 CVE-2019-11478 CVE-2019-11479 - tcp: fix...

Fedora 29 : kernel / kernel-headers (2019-914542e05c) (SACK Panic) (SACK Slowness)

Update to v5.1.11 - Fixes CVE-2019-11477 - Fixes CVE-2019-11479 - Fixes CVE-2019-11478 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible...

[slackware-security] kernel

New kernel packages are available for Slackware 14.2 and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/linux-4.4.182/: Upgraded. These updates fix various bugs and many security issues, including the "SACK Panic" remote denial-of-service...

Linux / FreeBSD TCP-Based Denial Of Service Vulnerability

Netflix has identified several TCP networking vulnerabilities in FreeBSD and Linux kernels. The vulnerabilities specifically relate to the minimum segment size MSS and TCP Selective Acknowledgement SACK capabilities. The most serious, dubbed "SACK Panic," allows a remotely-triggered kernel panic ...

RHEL 6 : kernel (RHSA-2019:1490)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:1490 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: An integer overflow flaw was found in...

SUSE SLES12 Security Update : kernel (SUSE-SU-2019:1534-1) (SACK Panic) (SACK Slowness)

The SUSE Linux Enterprise 12 SP2 kernel version 4.4.121 was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2019-11477: A sequence of SACKs may have been crafted by a remote attacker such that one can trigger an integer overflow, leading to a kernel...

SUSE SLES12 Security Update : kernel (SUSE-SU-2019:1527-1) (SACK Panic) (SACK Slowness)

The SUSE Linux Enterprise 12 SP3 kernel was updated to 4.4.180 to receive various security and bugfixes. The following security bugs were fixed : CVE-2019-11477: A sequence of SACKs may have been crafted such that one can trigger an integer overflow, leading to a kernel panic. bsc1137586...

Scientific Linux Security Update : kernel on SL6.x i386/x86_64 (20190617) (SACK Panic) (SACK Slowness)

Security Fixes : - An integer overflow flaw was found in the way the Linux kernel's networking subsystem processed TCP Selective Acknowledgment SACK segments. While processing SACK segments, the Linux kernel's socket buffer SKB data structure becomes fragmented. Each fragment is about TCP maximum...

Debian DLA-1823-1 : linux security update (SACK Panic) (SACK Slowness)

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2019-3846, CVE-2019-10126 huangwen reported multiple buffer overflows in the Marvell wifi mwifiex driver, which a local user could use to cause...