The new Linux kernel security updates patch an integer overflow flaw (CVE-2019-11477) discovered by Jonathan Looney in Linux kernel’s networking subsystem processed TCP Selective Acknowledgment (SACK) segments, which could allow a remote attacker to cause a so-called SACK Panic attack (denial of service) by sending malicious sequences of SACK segments on a TCP connection that has a small TCP MSS value. Furthermore, the Linux kernel security update also fixes two other similar issues (CVE-2019-11478 and CVE-2019-11479), both discovered by Jonathan Looney in Linux kernel’s TCP retransmission queue implementation, which could allow a remote attacker to cause a denial of service that may lead to excessive resource consumption and a system crash.
Articles
View All Hover to load posts
Articles
View All Hover to load posts
Articles
View All Hover to load posts
Articles
View All Hover to load posts
Articles
View All Hover to load posts
Articles
View All Hover to load posts
Articles
View All Hover to load posts
Articles
View All Hover to load posts
