SUSE Linux Enterprise 11: 2019:14089-1 Important: Kernel Security Fixes

suse

June 18, 2019

An update that solves 9 vulnerabilities and has 9 fixes is now available

Summary

The SUSE Linux Enterprise 11 SP4 kernel version 3.0.101 was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2019-11477: A sequence of SACKs may have been crafted such that one can trigger an integer overflow, leading to a kernel panic. (bsc#1137586) - CVE-2019-11478: It was possible to send a crafted sequence of SACKs which will fragment the TCP retransmission queue. An attacker may have been able to further exploit the fragmented queue to cause an expensive linked-list walk for subsequent SACKs received for that same TCP connection. - CVE-2019-11479: It was possible to send a crafted sequence of SACKs which will fragment the RACK send map. A remote attacker may be able to further exploit the fragmented send map to cause an expensive

Topics Covered

security advisory important integer overflow SUSE resource consumption Linux Kernel TCP fragment

References

#1110785 #1113769 #1119314 #1120326 #1120843

#1120885 #1131295 #1131543 #1132374 #1132472

#1132580 #1133188 #1134102 #1134729 #1134848

#1137586 #923908 #939260

Cross- CVE-2014-9710 CVE-2018-17972 CVE-2019-11190

CVE-2019-11477 CVE-2019-11478 CVE-2019-11479

CVE-2019-11486 CVE-2019-11884 CVE-2019-5489

Affected Products:

SUSE Linux Enterprise Server 11-SP4-LTSS

SUSE Linux Enterprise Server 11-EXTRA

SUSE Linux Enterprise Debuginfo 11-SP4

https://www.suse.com/security/cve/CVE-2014-9710.html

https://www.suse.com/security/cve/CVE-2018-17972.html

https://www.suse.com/security/cve/CVE-2019-11190.html

https://www.suse.com/security/cve/CVE-2019-11477.html

https://www.suse.com/security/cve/CVE-2019-11478.html

Severity

important

Lowest

Low

Medium

High

Critical

Announcement ID: SUSE-SU-2019:14089-1

Rating: important

Topics Covered

security advisory important integer overflow SUSE resource consumption Linux Kernel TCP fragment

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE Linux Enterprise 11: 2019:14089-1 Important: Kernel Security Fixes

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE Linux Enterprise 11: 2019:14089-1 Important: Kernel Security Fixes

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!