Coming hot on the heels of the recent Linux kernel security updates published earlier this week for all supported Ubuntu releases, the new Linux kernel live patch is only targeted at Ubuntu versions that support the kernel live patch and are long-term supported, including Ubuntu 18.04 LTS (Bionic Beaver) and Ubuntu 16.04 LTS (Xenial Xerus). And it’s here to address the same two security vulnerabilities (CVE-2019-11477 and CVE-2019-11478) discovered by Jonathan Looney in Linux kernel’s TCP retransmission queue implementation when handling TCP Selective Acknowledgments (SACKs), which could allow a remote attacker to crash the system by causing a denial of service (resource exhaustion). The CVE-2019-11477 flaw is also known as SACK Panic.
Get the Free Newsletter!
Subscribe to Developer Insider for top news, trends, & analysis