Lucene search
K

210 matches found

nessus
nessus
added 2019/07/24 12:0 a.m.39 views

SUSE SLES12 Security Update : kernel (SUSE-SU-2019:1935-1) (SACK Slowness)

This update for the Linux Kernel 3.12.74-6064115 fixes one issue. The following security issue was fixed : This update contains a regression fix for CVE-2019-11478 bsc1140747. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory...

7.5CVSS6.7AI score0.94686EPSS
Exploits1References4
nessus
nessus
added 2019/07/19 12:0 a.m.245 views

SUSE SLES12 Security Update : kernel (SUSE-SU-2019:1870-1) (SACK Slowness)

The SUSE Linux Enterprise 12 SP1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2018-5390 aka 'SegmentSmack': A remote attacker even with relatively low bandwidth could have caused lots of CPU usage by triggering the worst case scenario...

9.3CVSS6.6AI score0.94686EPSS
Exploits3References26
nessus
nessus
added 2019/07/17 12:0 a.m.39 views

Scientific Linux Security Update : kernel on SL6.x i386/x86_64 (SACK Panic) (SACK Slowness)

Based on the RPM metadata this appears to be a security kernel. The RPM changelog shows fixes related to Security Fixes : - An integer overflow flaw was found in the way the Linux kernel's networking subsystem processed TCP Selective Acknowledgment SACK segments. While processing SACK segments, t...

7.8CVSS6.9AI score0.98745EPSS
Exploits4References5
nessus
nessus
added 2019/07/16 12:0 a.m.49 views

SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2019:1855-1) (SACK Slowness)

The SUSE Linux Enterprise 15 kernel version 4.12.14 was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2019-10638: Attackers used to be able to track the Linux kernel by the IP ID values the kernel produces for connection-less protocols. When such...

9.8CVSS6.9AI score0.94686EPSS
Exploits4References110
nessus
nessus
added 2019/07/09 12:0 a.m.65 views

EulerOS Virtualization for ARM 64 3.0.2.0 : kernel (EulerOS-SA-2019-1702)

According to the versions of the kernel packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - The kernel package contains the Linux kernel vmlinuz, the core of any Linux operating system. The kernel handles the...

7.8CVSS6.5AI score0.98745EPSS
Exploits4References6
redhat
redhat
added 2019/07/08 9:19 a.m.2 views

Kernel: tcp: excessive resource consumption while processing SACK blocks allows remote denial of service

An excessive resource consumption flaw was found in the way the Linux kernel's networking subsystem processed TCP Selective Acknowledgment SACK segments. While processing SACK segments, the Linux kernel's socket buffer SKB data structure becomes fragmented, which leads to increased resource...

7.5CVSS7.2AI score0.94686EPSS
Exploits1References6
redhat
redhat
added 2019/07/08 9:19 a.m.4 views

Kernel: tcp: integer overflow while processing SACK blocks allows remote denial of service

An integer overflow flaw was found in the way the Linux kernel's networking subsystem processed TCP Selective Acknowledgment SACK segments. While processing SACK segments, the Linux kernel's socket buffer SKB data structure becomes fragmented. Each fragment is about TCP maximum segment size MSS...

7.8CVSS7.3AI score0.98745EPSS
Exploits4References6
cloudfoundry
cloudfoundry
added 2019/07/03 12:0 a.m.154 views

USN-4017-1: Linux kernel vulnerabilities | Cloud Foundry

Severity High Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Description Jonathan Looney discovered that the TCP retransmission queue implementation in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment SACK sequences. A remote attacker could...

7.8CVSS6.7AI score0.98745EPSS
Exploits4
vmware
vmware
added 2019/07/02 12:0 a.m.74 views

VMware product updates address Linux kernel vulnerabilities in TCP Selective Acknowledgement (SACK) (CVE-2019-11477, CVE-2019-11478)

3. Linux kernel vulnerabilities in TCP Selective Acknowledgement SACK CVE-2019-11477, CVE-2019-11478 CVE-2019-11477 - SACK Panic - A sequence of SACKs may be crafted such that one can trigger an integer overflow, leading to a kernel panic. VMware has evaluated the severity of this issue to be in...

7.8CVSS7.8AI score0.98745EPSS
Exploits4References38Affected Software31
nessus
nessus
added 2019/07/02 12:0 a.m.64 views

EulerOS 2.0 SP5 : kernel (EulerOS-SA-2019-1692)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An integer overflow flaw was found in the way the Linux kernel's networking subsystem processed TCP Selective Acknowledgment SACK segments. Whil...

7.8CVSS6.8AI score0.98745EPSS
Exploits4References5
vmware
vmware
added 2019/07/01 12:0 a.m.101 views

VMSA-2019-0010:VMware product updates address Linux kernel vulnerabilities in TCP Selective Acknowledgement (SACK)

VMware Security Advisories Advisory ID| VMSA-2019-0010.3 ---|--- Advisory Severity| Important CVSSv3 Range| 5.3 - 7.5 Synopsis| VMware product updates address Linux kernel vulnerabilities in TCP Selective Acknowledgement SACK CVE-2019-11477, CVE-2019-11478 Issue Date| 2019-07-02 Updated On|...

7.8CVSS8.4AI score0.98745EPSS
Exploits4References95Affected Software31
mscve
mscve
added 2019/06/28 7:0 a.m.78 views

Linux Kernel TCP SACK Denial of Service Vulnerability

Executive Summary Known vulnerabilities exist in the Linux kernel. These vulnerabilities are documented by the following CVEs: CVE-2019-11477, CVE-2019-11478, and CVE-2019-11479. The purpose of this advisory is to explain the various effects of these vulnerabilities and to provide links to more...

7.8CVSS7.3AI score0.98745EPSS
Exploits4
kaspersky
kaspersky
added 2019/06/28 12:0 a.m.12 views

KLA11586 Linux Kernel TCP SACK Denial of Service Vulnerability

Various vulnerabilities was found in Linux Kernel. Microsoft adresses the various effects of these vulnerabilities and provides links to more information: 1. If you are running a Linux kernel in your Azure environment, you should contact the provider of that Linux kernel to understand their...

7.3AI score
Exploits0References6
paloalto
paloalto
added 2019/06/27 12:0 a.m.377 views

Information about TCP SACK Panic Findings in PAN-OS

Palo Alto Networks is aware of recent vulnerability disclosures known as TCP SACK Panic vulnerabilities. Ref: PAN-119745/ CVE-2019-11477, CVE-2019-11478, CVE-2019-11479...

7.8CVSS2.6AI score0.98745EPSS
Exploits4Affected Software1
nessus
nessus
added 2019/06/27 12:0 a.m.47 views

EulerOS 2.0 SP3 : kernel (EulerOS-SA-2019-1672)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An integer overflow flaw was found in the way the Linux kernel's networking subsystem processed TCP Selective Acknowledgment SACK segments. Whil...

9.3CVSS6.9AI score0.98745EPSS
Exploits9References10
redhat
redhat
added 2019/06/25 6:10 p.m.4 views

Kernel: tcp: integer overflow while processing SACK blocks allows remote denial of service

An integer overflow flaw was found in the way the Linux kernel's networking subsystem processed TCP Selective Acknowledgment SACK segments. While processing SACK segments, the Linux kernel's socket buffer SKB data structure becomes fragmented. Each fragment is about TCP maximum segment size MSS...

7.8CVSS7.3AI score0.98745EPSS
Exploits4References6
redhat
redhat
added 2019/06/25 6:10 p.m.204 views

Important: Red Hat Security Advisory: kernel-alt security update

An update for kernel-alt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...

7.8CVSS6.9AI score0.98745EPSS
Exploits4References5
redhat
redhat
added 2019/06/25 9:20 a.m.3 views

Kernel: tcp: integer overflow while processing SACK blocks allows remote denial of service

An integer overflow flaw was found in the way the Linux kernel's networking subsystem processed TCP Selective Acknowledgment SACK segments. While processing SACK segments, the Linux kernel's socket buffer SKB data structure becomes fragmented. Each fragment is about TCP maximum segment size MSS...

7.8CVSS7.3AI score0.98745EPSS
Exploits4References6
nessus
nessus
added 2019/06/25 12:0 a.m.40 views

SUSE SLES12 Security Update : kernel (SUSE-SU-2019:1692-1) (SACK Panic) (SACK Slowness)

The SUSE Linux Enterprise 12 kernel version 3.12.61 was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2019-11477: A sequence of SACKs may have been crafted by a remote attacker such that one can trigger an integer overflow, leading to a kernel pani...

8.8CVSS6.8AI score0.98745EPSS
Exploits7References35
veracode
veracode
added 2019/06/24 12:20 a.m.51 views

Denial Of Service (DoS)

kernel is vulnerable to denial of service. An integer overflow flaw was found in the way the Linux kernel's networking subsystem processed TCP Selective Acknowledgment SACK segments. While processing SACK segments, the Linux kernel's socket buffer SKB data structure becomes fragmented. Each...

7.5CVSS7.4AI score0.98745EPSS
Exploits4References31Affected Software4
Rows per page
Query Builder