[LSN-0052-1] Linux kernel vulnerability
benjamin.romer at canonical.com
benjamin.romer at canonical.com
Tue Jun 18 12:52:11 UTC 2019
==========================================================================
Kernel Live Patch Security Notice 0052-1
June 18, 2019
linux vulnerability
==========================================================================
A security issue affects these releases of Ubuntu:
| Series | Base kernel | Arch | flavors |
|------------------+--------------+----------+------------------|
| Ubuntu 18.04 LTS | 4.15.0 | amd64 | generic |
| Ubuntu 18.04 LTS | 4.15.0 | amd64 | lowlatency |
| Ubuntu 16.04 LTS | 4.4.0 | amd64 | generic |
| Ubuntu 16.04 LTS | 4.4.0 | amd64 | lowlatency |
Summary:
Several security issues were fixed in the kernel.
Software Description:
- linux: Linux kernel
Details:
Jonathan Looney discovered that an integer overflow existed in the Linux
kernel when handling TCP Selective Acknowledgments (SACKs). A remote
attacker could use this to cause a denial of service (system crash).
(CVE-2019-11477)
Jonathan Looney discovered that the TCP retransmission queue implementation
in the Linux kernel could be fragmented when handling certain TCP Selective
Acknowledgment (SACK) sequences. A remote attacker could use this to cause
a denial of service. (CVE-2019-11478)
Update instructions:
The problem can be corrected by updating your livepatches to the following
versions:
| Kernel | Version | flavors |
|--------------------------+----------+--------------------------|
| 4.4.0-148.174 | 52.3 | generic, lowlatency |
| 4.4.0-150.176 | 52.3 | generic, lowlatency |
| 4.15.0-50.54 | 52.3 | generic, lowlatency |
| 4.15.0-50.54~16.04.1 | 52.3 | generic, lowlatency |
| 4.15.0-51.55 | 52.3 | generic, lowlatency |
| 4.15.0-51.55~16.04.1 | 52.3 | generic, lowlatency |
References:
CVE-2019-11477, CVE-2019-11478
More information about the ubuntu-security-announce
mailing list