SUSE: 2019:1533-1 Important: Kernel Security Update for Multiple Threats

suse

June 17, 2019

An update that solves 9 vulnerabilities and has 7 fixes is now available

Summary

The SUSE Linux Enterprise 12 SP1 kernel version 3.12.74 was updated to to receive various security and bugfixes. The following security bugs were fixed: - CVE-2019-11477: A sequence of SACKs may have been crafted by a remote attacker such that one can trigger an integer overflow, leading to a kernel panic. (bsc#1137586). - CVE-2019-11478: It is possible to send a crafted sequence of SACKs which will fragment the TCP retransmission queue. A remote attacker may be able to further exploit the fragmented queue to cause an expensive linked-list walk for subsequent SACKs received for that same TCP connection. - CVE-2019-11479: It was possible to send a crafted sequence of SACKs which will fragment the RACK send map. A remote attacker may be able to further exploit the fragmented send map to cause an expensive

Topics Covered

security advisory security update important kernel SUSE remote exploitation Linux Kernel

References

#1104367 #1110785 #1113769 #1120843 #1120885

#1125580 #1125931 #1131543 #1131587 #1132374

#1132472 #1134848 #1135281 #1136424 #1136446

#1137586

Cross- CVE-2018-17972 CVE-2019-11190 CVE-2019-11477

CVE-2019-11478 CVE-2019-11479 CVE-2019-11833

CVE-2019-11884 CVE-2019-3846 CVE-2019-5489

Affected Products:

SUSE Linux Enterprise Server for SAP 12-SP1

SUSE Linux Enterprise Server 12-SP1-LTSS

SUSE Linux Enterprise Module for Public Cloud 12

https://www.suse.com/security/cve/CVE-2018-17972.html

https://www.suse.com/security/cve/CVE-2019-11190.html

https://www.suse.com/security/cve/CVE-2019-11477.html

https://www.suse.com/security/cve/CVE-2019-11478.html

https://www.suse.com/security/cve/CVE-2019-11479.html

Severity

important

Lowest

Low

Medium

High

Critical

Announcement ID: SUSE-SU-2019:1533-1

Rating: important

Topics Covered

security advisory security update important kernel SUSE remote exploitation Linux Kernel

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2019:1533-1 Important: Kernel Security Update for Multiple Threats

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2019:1533-1 Important: Kernel Security Update for Multiple Threats

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!