210 matches found
SUSE SLES12 Security Update : kernel (SUSE-SU-2019:1935-1) (SACK Slowness)
This update for the Linux Kernel 3.12.74-6064115 fixes one issue. The following security issue was fixed : This update contains a regression fix for CVE-2019-11478 bsc1140747. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory...
SUSE SLES12 Security Update : kernel (SUSE-SU-2019:1870-1) (SACK Slowness)
The SUSE Linux Enterprise 12 SP1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2018-5390 aka 'SegmentSmack': A remote attacker even with relatively low bandwidth could have caused lots of CPU usage by triggering the worst case scenario...
Scientific Linux Security Update : kernel on SL6.x i386/x86_64 (SACK Panic) (SACK Slowness)
Based on the RPM metadata this appears to be a security kernel. The RPM changelog shows fixes related to Security Fixes : - An integer overflow flaw was found in the way the Linux kernel's networking subsystem processed TCP Selective Acknowledgment SACK segments. While processing SACK segments, t...
SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2019:1855-1) (SACK Slowness)
The SUSE Linux Enterprise 15 kernel version 4.12.14 was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2019-10638: Attackers used to be able to track the Linux kernel by the IP ID values the kernel produces for connection-less protocols. When such...
EulerOS Virtualization for ARM 64 3.0.2.0 : kernel (EulerOS-SA-2019-1702)
According to the versions of the kernel packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - The kernel package contains the Linux kernel vmlinuz, the core of any Linux operating system. The kernel handles the...
Kernel: tcp: excessive resource consumption while processing SACK blocks allows remote denial of service
An excessive resource consumption flaw was found in the way the Linux kernel's networking subsystem processed TCP Selective Acknowledgment SACK segments. While processing SACK segments, the Linux kernel's socket buffer SKB data structure becomes fragmented, which leads to increased resource...
Kernel: tcp: integer overflow while processing SACK blocks allows remote denial of service
An integer overflow flaw was found in the way the Linux kernel's networking subsystem processed TCP Selective Acknowledgment SACK segments. While processing SACK segments, the Linux kernel's socket buffer SKB data structure becomes fragmented. Each fragment is about TCP maximum segment size MSS...
USN-4017-1: Linux kernel vulnerabilities | Cloud Foundry
Severity High Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Description Jonathan Looney discovered that the TCP retransmission queue implementation in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment SACK sequences. A remote attacker could...
VMware product updates address Linux kernel vulnerabilities in TCP Selective Acknowledgement (SACK) (CVE-2019-11477, CVE-2019-11478)
3. Linux kernel vulnerabilities in TCP Selective Acknowledgement SACK CVE-2019-11477, CVE-2019-11478 CVE-2019-11477 - SACK Panic - A sequence of SACKs may be crafted such that one can trigger an integer overflow, leading to a kernel panic. VMware has evaluated the severity of this issue to be in...
EulerOS 2.0 SP5 : kernel (EulerOS-SA-2019-1692)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An integer overflow flaw was found in the way the Linux kernel's networking subsystem processed TCP Selective Acknowledgment SACK segments. Whil...
VMSA-2019-0010:VMware product updates address Linux kernel vulnerabilities in TCP Selective Acknowledgement (SACK)
VMware Security Advisories Advisory ID| VMSA-2019-0010.3 ---|--- Advisory Severity| Important CVSSv3 Range| 5.3 - 7.5 Synopsis| VMware product updates address Linux kernel vulnerabilities in TCP Selective Acknowledgement SACK CVE-2019-11477, CVE-2019-11478 Issue Date| 2019-07-02 Updated On|...
Linux Kernel TCP SACK Denial of Service Vulnerability
Executive Summary Known vulnerabilities exist in the Linux kernel. These vulnerabilities are documented by the following CVEs: CVE-2019-11477, CVE-2019-11478, and CVE-2019-11479. The purpose of this advisory is to explain the various effects of these vulnerabilities and to provide links to more...
KLA11586 Linux Kernel TCP SACK Denial of Service Vulnerability
Various vulnerabilities was found in Linux Kernel. Microsoft adresses the various effects of these vulnerabilities and provides links to more information: 1. If you are running a Linux kernel in your Azure environment, you should contact the provider of that Linux kernel to understand their...
Information about TCP SACK Panic Findings in PAN-OS
Palo Alto Networks is aware of recent vulnerability disclosures known as TCP SACK Panic vulnerabilities. Ref: PAN-119745/ CVE-2019-11477, CVE-2019-11478, CVE-2019-11479...
EulerOS 2.0 SP3 : kernel (EulerOS-SA-2019-1672)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An integer overflow flaw was found in the way the Linux kernel's networking subsystem processed TCP Selective Acknowledgment SACK segments. Whil...
Kernel: tcp: integer overflow while processing SACK blocks allows remote denial of service
An integer overflow flaw was found in the way the Linux kernel's networking subsystem processed TCP Selective Acknowledgment SACK segments. While processing SACK segments, the Linux kernel's socket buffer SKB data structure becomes fragmented. Each fragment is about TCP maximum segment size MSS...
Important: Red Hat Security Advisory: kernel-alt security update
An update for kernel-alt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...
Kernel: tcp: integer overflow while processing SACK blocks allows remote denial of service
An integer overflow flaw was found in the way the Linux kernel's networking subsystem processed TCP Selective Acknowledgment SACK segments. While processing SACK segments, the Linux kernel's socket buffer SKB data structure becomes fragmented. Each fragment is about TCP maximum segment size MSS...
SUSE SLES12 Security Update : kernel (SUSE-SU-2019:1692-1) (SACK Panic) (SACK Slowness)
The SUSE Linux Enterprise 12 kernel version 3.12.61 was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2019-11477: A sequence of SACKs may have been crafted by a remote attacker such that one can trigger an integer overflow, leading to a kernel pani...
Denial Of Service (DoS)
kernel is vulnerable to denial of service. An integer overflow flaw was found in the way the Linux kernel's networking subsystem processed TCP Selective Acknowledgment SACK segments. While processing SACK segments, the Linux kernel's socket buffer SKB data structure becomes fragmented. Each...