CentOS 7 and RHEL 7 Get Important Linux Kernel Update to Patch SACK Panic Flaws

Posted by hanuca on Jun 23, 2019 6:54 AM EDT
Softpedia; By Marius Nestor

The Red Hat Enterprise Linux and CentOS Linux operating systems have received new Linux kernel security updates that are marked as important and address the recently disclosed TCP vulnerabilities affecting all GNU/Linux distributions.

The new Linux kernel security updates patch an integer overflow flaw (CVE-2019-11477), discovered by Jonathan Looney, in the way the Linux kernel's networking subsystem processed TCP Selective Acknowledgment (SACK) segments. The flaw could allow a remote attacker to mount a so-called SACK Panic attack (denial of service) by sending malicious sequences of SACK segments on a TCP connection that has a small TCP MSS value.

The Linux kernel security update also fixes two other similar issues (CVE-2019-11478 and CVE-2019-11479), both discovered by Jonathan Looney in the Linux kernel's TCP retransmission queue implementation, which could allow a remote attacker to cause a denial of service that may lead to excessive resource consumption and a system crash.
