SUSE Linux 12 LTSS: 2019:1692-1 Important: Network Attack Fixes

June 24, 2019
Critical announcement from SUSE regarding the Linux Kernel addresses several security flaws and delivers essential remedies.
An update that solves 9 vulnerabilities and has 7 fixes is now available.

Summary

The SUSE Linux Enterprise 12 kernel version 3.12.61 was updated to receive various security and bug fixes.

The following security bugs were fixed:

- CVE-2019-11477: A sequence of SACKs may have been crafted by a remote attacker such that one can trigger an integer overflow, leading to a kernel panic (bsc#1137586).
- CVE-2019-11478: It was possible to send a crafted sequence of SACKs which would fragment the TCP retransmission queue. A remote attacker may have been able to further exploit the fragmented queue to cause an expensive linked-list walk for subsequent SACKs received for that same TCP connection.
- CVE-2019-11479: It was possible to send a crafted sequence of SACKs which would fragment the RACK send map. A remote attacker may have been able to further exploit the fragmented send map to cause an expensive

References

#1090078 #1110785 #1113769 #1120843 #1120885 #1125580 #1125931 #1131543 #1131587 #1132374 #1132472 #1134848 #1135281 #1136424 #1136446 #1137586

Cross-References: CVE-2018-17972 CVE-2019-11190 CVE-2019-11477 CVE-2019-11478 CVE-2019-11479 CVE-2019-11833 CVE-2019-11884 CVE-2019-3846 CVE-2019-5489

Affected Products:

SUSE Linux Enterprise Server 12-LTSS

SUSE Linux Enterprise Module for Public Cloud 12

https://www.suse.com/security/cve/CVE-2018-17972.html

https://www.suse.com/security/cve/CVE-2019-11190.html

https://www.suse.com/security/cve/CVE-2019-11477.html

https://www.suse.com/security/cve/CVE-2019-11478.html

https://www.suse.com/security/cve/CVE-2019-11479.html

https://www.suse.com/security/cve/CVE-2019-11833.html

Severity: important

Announcement ID: SUSE-SU-2019:1692-1
Rating: important
