35 matches found
SA44193 - 2019-06: Out-of-Cycle Advisory: Multiple Linux Kernel and FreeBSD vulnerabilities
Ivanti 4th of March 2024 - This isn't an active SA and any new edits are part of an article maintenance project. On June 17 2019, Netflix announced a group of new security advisories related to Linux Kernel and FreeBSD. These issues may affect Pulse Secure products. For a list of supported softwa...
Arista Networks CloudVision Portal Linux Kernel TCP Multiple DoS (SA0041)
The version of Arista Networks CloudVision Portal running on the remote device is affected by the following denial of service DoS vulnerabilities related to TCP networking in the Linux kernel, which can be exploited by a remote, unauthenticated attacker: - SACK Panic. The TCPSKBCBskb-tcpgsosegs...
Arista Networks EOS Linux Kernel TCP Multiple DoS (SA0041)
The version of Arista Networks EOS running on the remote device is affected by the following denial of service DoS vulnerabilities related to TCP networking in the Linux kernel, which can be exploited by a remote, unauthenticated attacker: - SACK Panic. The TCPSKBCBskb-tcpgsosegs value is subject...
SUSE SLES12 Security Update : kernel (SUSE-SU-2019:1935-1) (SACK Slowness)
This update for the Linux Kernel 3.12.74-6064115 fixes one issue. The following security issue was fixed : This update contains a regression fix for CVE-2019-11478 bsc1140747. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory...
SUSE SLES12 Security Update : kernel (SUSE-SU-2019:1924-1) (SACK Panic) (SACK Slowness)
This update for the Linux Kernel 3.12.74-6064104 fixes several issues. The following security issues were fixed : CVE-2019-11477: Jonathan Looney discovered that the TCPSKBCBskb-tcpgsosegs value was subject to an integer overflow when handling TCP Selective Acknowledgments SACKs. A remote attacke...
SUSE SLES12 Security Update : kernel (SUSE-SU-2019:1948-1) (SACK Panic) (SACK Slowness)
This update for the Linux Kernel 4.4.121-92104 fixes several issues. The following security issues were fixed : CVE-2019-11477: Jonathan Looney discovered that the TCPSKBCBskb-tcpgsosegs value was subject to an integer overflow when handling TCP Selective Acknowledgments SACKs. A remote attacker...
SUSE SLES12 Security Update : kernel (SUSE-SU-2019:1870-1) (SACK Slowness)
The SUSE Linux Enterprise 12 SP1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2018-5390 aka 'SegmentSmack': A remote attacker even with relatively low bandwidth could have caused lots of CPU usage by triggering the worst case scenario...
SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2019:1855-1) (SACK Slowness)
The SUSE Linux Enterprise 15 kernel version 4.12.14 was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2019-10638: Attackers used to be able to track the Linux kernel by the IP ID values the kernel produces for connection-less protocols. When such...
SUSE SLES12 Security Update : kernel (SUSE-SU-2019:1692-1) (SACK Panic) (SACK Slowness)
The SUSE Linux Enterprise 12 kernel version 3.12.61 was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2019-11477: A sequence of SACKs may have been crafted by a remote attacker such that one can trigger an integer overflow, leading to a kernel pani...
SUSE SLES12 Security Update : kernel (SUSE-SU-2019:1668-1) (SACK Panic) (SACK Slowness)
This update for the Linux Kernel 3.12.74-6064107 fixes several issues. The following security issues were fixed : CVE-2019-3846: A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless netwo...
SUSE SLES12 Security Update : kernel (SUSE-SU-2019:1671-1) (SACK Panic) (SACK Slowness)
This update for the Linux Kernel 4.4.121-92104 fixes several issues. The following security issues were fixed : CVE-2019-3846: A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network...
RHEL 6 : kernel-rt (RHSA-2019:1487)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:1487 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...
openSUSE Security Update : the Linux Kernel (openSUSE-2019-1571) (SACK Panic) (SACK Slowness)
The openSUSE Leap 15.1 was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2019-11477: A sequence of SACKs may have been crafted by a remote attacker such that one can trigger an integer overflow, leading to a kernel panic. bsc1137586. -...
Fedora 30 : kernel / kernel-headers (2019-6c3d89b3d0) (SACK Panic) (SACK Slowness)
Update to v5.1.11 - Fixes CVE-2019-11477 - Fixes CVE-2019-11479 - Fixes CVE-2019-11478 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible...
CentOS 6 : kernel (CESA-2019:1488) (SACK Panic) (SACK Slowness)
An update for kernel is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
CentOS 7 : kernel (CESA-2019:1481) (SACK Panic) (SACK Slowness)
An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
Fedora 29 : kernel / kernel-headers (2019-914542e05c) (SACK Panic) (SACK Slowness)
Update to v5.1.11 - Fixes CVE-2019-11477 - Fixes CVE-2019-11479 - Fixes CVE-2019-11478 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible...
OracleVM 3.4 : Unbreakable / etc (OVMSA-2019-0026) (SACK Panic) (SACK Slowness)
The remote OracleVM system is missing necessary patches to address critical security updates : - Add CVE numbers for CVE-2019-11477 CVE-2019-11478 CVE-2019-11479 Chuck Anderson Orabug: 29890820 CVE-2019-11477 CVE-2019-11478 CVE-2019-11479 CVE-2019-11477 CVE-2019-11478 CVE-2019-11479 - tcp: fix...
openSUSE Security Update : the Linux Kernel (openSUSE-2019-1579) (SACK Panic) (SACK Slowness)
The openSUSE Leap 15.0 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2019-11477: A sequence of SACKs may have been crafted by a remote attacker such that one can trigger an integer overflow, leading to a kernel panic. bsc1137586. -...
openSUSE Security Update : the Linux Kernel (openSUSE-2019-1570) (SACK Panic) (SACK Slowness)
Example: The openSUSE Leap 42.3 kernel was updated to 4.4.180 to receive various security and bugfixes. The following security bugs were fixed : - CVE-2019-11477: A sequence of SACKs may have been crafted by a remote attacker such that one can trigger an integer overflow, leading to a kernel pani...