---

Canonical Outs Important Linux Kernel Security Update for All Ubuntu Releases

In a recent security advisory, Canonical details two recently discovered security vulnerabilities (CVE-2019-11477 and CVE-2019-11478) affecting Linux kernel’s TCP retransmission queue implementation when handling some specific TCP Selective Acknowledgment (SACKs). Both security vulnerabilities were discovered by Jonathan Looney and could allow a remote attacker to crash the affected system by causing a denial of service. Known as SACK Panic, they affect all supported Ubuntu Linux releases, including Ubuntu 19.04, Ubuntu 18.10, Ubuntu 18.04 LTS, and Ubuntu 16.04 LTS.