Overview

File _patchinfo of Package patchinfo.11894

<patchinfo incident="11894">
  <issue id="1137597" tracker="bnc">VUL-0: kernel live patch: multiple remote denial of service issues (SACK Panic)</issue>
  <issue id="1140747" tracker="bnc">L3: possible bug in kernel 4.4.121-92.114.1 applications tcp socket get stuck</issue>
  <issue id="2019-11477" tracker="cve" />
  <issue id="2019-11478" tracker="cve" />
  <category>security</category>
  <rating>important</rating>
  <packager>nstange</packager>
  <description>This update for the Linux Kernel 3.12.74-60_64_110 fixes several issues.

The following security issues were fixed:

- CVE-2019-11477: Jonathan Looney discovered that the TCP_SKB_CB(skb)-&gt;tcp_gso_segs value was subject to an integer overflow when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. (bsc#1137586)
- CVE-2019-11478: Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a denial of service. (bsc#1137586)

This update contains a regression fix for CVE-2019-11477 and CVE-2019-11478 (bsc#1140747).
</description>
<summary>Security update for the Linux Kernel (Live Patch 33 for SLE 12 SP1)</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places