Описание
Security update for the Linux Kernel (Live Patch 2 for SLE 15 SP1)
This update for the Linux Kernel 4.12.14-197_7 fixes one issue.
The following security issue was fixed:
This update contains a regression fix for CVE-2019-11477 and CVE-2019-11478 (bsc#1140747).
Список пакетов
SUSE Linux Enterprise Live Patching 15
kernel-livepatch-4_12_14-150_22-default-2-2.1
SUSE Linux Enterprise Live Patching 15 SP1
kernel-livepatch-4_12_14-197_4-default-3-2.1
kernel-livepatch-4_12_14-197_7-default-2-2.1
Ссылки
- Link for SUSE-SU-2019:1888-1
- E-Mail link for SUSE-SU-2019:1888-1
- SUSE Security Ratings
- SUSE Bug 1140747
- SUSE CVE CVE-2019-11478 page
Описание
Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit f070ef2ac66716357066b683fb0baf55f8191a2e.
Затронутые продукты
SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_4-default-3-2.1
SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-197_7-default-2-2.1
SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-150_22-default-2-2.1
Ссылки
- CVE-2019-11478
- SUSE Bug 1132686
- SUSE Bug 1137586
- SUSE Bug 1142129
- SUSE Bug 1143542