Oracle Linux 8 : kernel (ELSA-2019-1479)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-1479 advisory. - net tcp: enforce tcpminsndmss in tcpmtuprobing Florian Westphal 1719922 1719923 CVE-2019-11479 - net tcp: add tcpminsndmss sysctl Florian Westphal...

Updated kernel-tmb packages fix security vulnerability

This kernel-tmb update is based on the upstream 4.14.127 and fixes at least the following security issues: Jonathan Looney discovered that it is possible to send a crafted sequence of SACKs which will fragment the RACK send map. An attacker may be able to further exploit the fragmented send map t...

Kernel: tcp: integer overflow while processing SACK blocks allows remote denial of service

An integer overflow flaw was found in the way the Linux kernel's networking subsystem processed TCP Selective Acknowledgment SACK segments. While processing SACK segments, the Linux kernel's socket buffer SKB data structure becomes fragmented. Each fragment is about TCP maximum segment size MSS...

CVE-2019-11477

Jonathan Looney discovered that the TCPSKBCBskb-tcpgsosegs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments SACKs. A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182,...