Linux Kernel Security Updates For RHEL And CentOS – Patch Integer Overflow Flaw


Red Hat Enterprise Linux (RHEL) and CentOS Released Linux Kernel Updates

The new Linux kernel security update patches an integer overflow flaw.

CVE-2019-11477:
An integer overflow flaw was found in the way the Linux kernel’s networking subsystem processed TCP Selective Acknowledgment (SACK) segments. While processing SACK segments, the Linux kernel’s socket buffer (SKB) data structure becomes fragmented. Each fragment holds about one TCP maximum segment size (MSS) worth of bytes.

To efficiently process SACK blocks, the Linux kernel merges multiple fragmented SKBs into one, potentially overflowing the variable holding the number of segments. A remote attacker could use this flaw to crash the Linux kernel by sending a crafted sequence of SACK segments on a TCP connection with a small TCP MSS value, resulting in a denial of service (DoS).
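The counter overflow described above, modelled in user-space C as an added example (this is not kernel code and not Red Hat's patch). The struct, the function names, the 16-bit counter width and the sample sizes are assumptions of this sketch, chosen to show an unchecked merge beside a merge that refuses to exceed the counter's range.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified stand-in for a socket buffer (hypothetical, not the kernel's sk_buff). */
struct seg_buf {
    uint32_t len;  /* payload bytes held */
    uint16_t segs; /* number of MSS-sized segments; width is an assumption */
};

/* Unchecked merge: the sum is silently truncated to 16 bits when stored. */
static void merge_unchecked(struct seg_buf *to, const struct seg_buf *from)
{
    to->len += from->len;
    to->segs = (uint16_t)(to->segs + from->segs);
}

/* Checked merge: refuse when the counter cannot represent the sum. */
static bool merge_checked(struct seg_buf *to, const struct seg_buf *from)
{
    uint32_t total = (uint32_t)to->segs + from->segs;
    if (total > UINT16_MAX)
        return false;
    to->len += from->len;
    to->segs = (uint16_t)total;
    return true;
}

/* Merge n buffers of buf_len bytes each and return the final segment counter. */
static uint16_t merged_count(uint32_t n, uint32_t buf_len, uint32_t mss, bool checked)
{
    struct seg_buf to = {0, 0};
    uint16_t per = (uint16_t)((buf_len + mss - 1) / mss); /* ceiling division */
    for (uint32_t i = 0; i < n; i++) {
        struct seg_buf from = {buf_len, per};
        if (checked && !merge_checked(&to, &from))
            break; /* stop merging instead of wrapping */
        if (!checked)
            merge_unchecked(&to, &from);
    }
    return to.segs;
}

int main(void)
{
    /* Constructed sizes: 25 buffers of 30000 bytes, MSS 10 versus MSS 1460. */
    printf("small MSS: unchecked=%u checked=%u\n",
           (unsigned)merged_count(25, 30000, 10, false),
           (unsigned)merged_count(25, 30000, 10, true));
    printf("large MSS: unchecked=%u\n", (unsigned)merged_count(25, 30000, 1460, false));
    return 0;
}
```

With the small MSS the true total is 75000 segments, which the unchecked counter cannot hold, while the same data at a typical MSS stays far below the limit.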

CVE-2019-11478:
Kernel: tcp: excessive resource consumption while processing SACK blocks allows remote denial of service.

CVE-2019-11479:
Kernel: tcp: excessive resource consumption for TCP connections with low MSS allows remote denial of service.

RHEL Affected Products

  • Red Hat Enterprise Linux Server 7 x86_64
  • Red Hat Enterprise Linux Server – Extended Update Support 7.6 x86_64
  • Red Hat Enterprise Linux Server – AUS 7.6 x86_64
  • Red Hat Enterprise Linux Workstation 7 x86_64
  • Red Hat Enterprise Linux Desktop 7 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 7 s390x
  • Red Hat Enterprise Linux for IBM z Systems – Extended Update Support 7.6 s390x
  • Red Hat Enterprise Linux for Power, big endian 7 ppc64
  • Red Hat Enterprise Linux for Power, big endian – Extended Update Support 7.6 ppc64
  • Red Hat Enterprise Linux for Scientific Computing 7 x86_64
  • Red Hat Enterprise Linux EUS Compute Node 7.6 x86_64
  • Red Hat Enterprise Linux for Power, little endian 7 ppc64le
  • Red Hat Enterprise Linux for Power, little endian – Extended Update Support 7.6 ppc64le
  • Red Hat Virtualization Host 4 x86_64
  • Red Hat Enterprise Linux Server – TUS 7.6 x86_64
  • Red Hat Enterprise Linux Server (for IBM Power LE) – Update Services for SAP Solutions 7.6 ppc64le
  • Red Hat Enterprise Linux Server – Update Services for SAP Solutions 7.6 x86_64
  • Red Hat Virtualization Host – Extended Update Support 4.2 for RHEL 7.6 x86_64

Update your Linux Operating System Now.
