Linux Kernel Security Updates For RHEL And CentOS – Patch Integer Overflow Flaw


Red Hat Enterprise Linux (RHEL) and CentOS have released Linux kernel updates.

The new kernel security update patches an integer overflow flaw in TCP SACK processing (the "SACK Panic" issue) together with two related resource-consumption flaws.

CVE-2019-11477:
An integer overflow flaw was found in the way the Linux kernel's networking subsystem processed TCP Selective Acknowledgment (SACK) segments. While processing SACK segments, the Linux kernel's socket buffer (SKB) data structure becomes fragmented. Each fragment is about TCP maximum segment size (MSS) bytes.

To efficiently process SACK blocks, the Linux kernel merges multiple fragmented SKBs into one, potentially overflowing the 16-bit field that holds the number of segments in the merged buffer. A remote attacker could use this flaw to crash the Linux kernel by sending a crafted sequence of SACK segments on a TCP connection with a small TCP MSS value, resulting in a denial of service (DoS). No authentication is needed; any service that accepts TCP connections is reachable this way.

CVE-2019-11478:
Kernel: tcp: excessive resource consumption while processing SACK blocks allows remote denial of service. A crafted sequence of SACK blocks can fragment the TCP retransmission queue so that the kernel spends excessive CPU time walking and reprocessing it.

CVE-2019-11479:
Kernel: tcp: excessive resource consumption for TCP connections with low MSS allows remote denial of service. A peer advertising a very small MSS forces the kernel to send data in tiny segments, consuming disproportionate bandwidth and CPU for the same payload.
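To make the CVE-2019-11477 mechanism and the low-MSS angle of CVE-2019-11479 concrete, here is an added model written for this page. It is not kernel code and not Red Hat's patch: it imitates the shape of the vulnerable merge (a segment count recomputed into a 16-bit field) beside a bounds-checked merge and an MSS floor. The SKB geometry (17 fragments of 32 KiB), the advertised MSS of 8 bytes, and the 48-byte floor are assumptions chosen for the model; the struct and function names are invented for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define MAX_SKB_FRAGS 17        /* assumed: fragments one SKB can hold */
#define FRAG_BYTES (32u * 1024) /* assumed: payload bytes per fragment */
#define MAX_GSO_SEGS 65535u     /* largest count a 16-bit field can hold */
#define MIN_MSS 48u             /* assumed floor, as net.ipv4.tcp_min_snd_mss uses */

/* Model of the fields a SACK merge updates; not the real struct sk_buff. */
struct skb_model {
    uint32_t len;      /* payload bytes held */
    uint16_t gso_segs; /* segment count, 16-bit like tcp_gso_segs */
};

/* Segments needed to carry len bytes at mss bytes per segment (round up). */
static uint32_t segs_for(uint32_t len, uint32_t mss)
{
    return (len + mss - 1) / mss;
}

/* Vulnerable merge: absorb the shifted bytes and recompute the count into
 * the 16-bit field, which silently truncates anything above 65535. */
static void merge_unchecked(struct skb_model *dst, uint32_t shift_len, uint32_t mss)
{
    dst->len += shift_len;
    dst->gso_segs = (uint16_t)segs_for(dst->len, mss);
}

/* Hardened merge: refuse the shift when the merged count would not fit in
 * 16 bits, the same idea as checking the count before shifting data. */
static bool merge_checked(struct skb_model *dst, uint32_t shift_len, uint32_t mss)
{
    if (segs_for(dst->len + shift_len, mss) > MAX_GSO_SEGS)
        return false;
    merge_unchecked(dst, shift_len, mss);
    return true;
}

/* Merge nfrags full fragments into one SKB at the given MSS and report the
 * 16-bit count the vulnerable path would end up with. */
uint16_t segs_after_unchecked_merge(unsigned nfrags, uint32_t mss)
{
    struct skb_model skb = {0, 0};
    for (unsigned i = 0; i < nfrags; i++)
        merge_unchecked(&skb, FRAG_BYTES, mss);
    return skb.gso_segs;
}

/* Same merge with the bounds check: returns how many fragments were accepted. */
unsigned frags_accepted_checked(unsigned nfrags, uint32_t mss)
{
    struct skb_model skb = {0, 0};
    unsigned accepted = 0;
    for (unsigned i = 0; i < nfrags; i++) {
        if (!merge_checked(&skb, FRAG_BYTES, mss))
            break;
        accepted++;
    }
    return accepted;
}

/* Enforce a minimum sender MSS: a peer advertising less gets the floor. */
uint32_t clamp_snd_mss(uint32_t advertised_mss)
{
    return advertised_mss < MIN_MSS ? MIN_MSS : advertised_mss;
}

int main(void)
{
    /* Constructed input: a peer advertising MSS 8; sixteen 32 KiB fragments
     * need exactly 65536 segments, one more than the field can represent. */
    printf("MSS 8, 16 frags: 16-bit count = %u (true count %u)\n",
           segs_after_unchecked_merge(16, 8), segs_for(16 * FRAG_BYTES, 8));
    printf("MSS 8, checked merge accepts %u of 17 fragments\n",
           frags_accepted_checked(17, 8));
    /* With the MSS floor, a full 17-fragment SKB stays well below 65535 segments. */
    printf("MSS %u, 17 frags: count = %u\n", clamp_snd_mss(8),
           segs_after_unchecked_merge(MAX_SKB_FRAGS, clamp_snd_mss(8)));
    return 0;
}
```

The instructive value is in the first two lines of output: the unchecked merge reports a segment count of 0 for a buffer that plainly holds data, which is the kind of inconsistency a kernel sanity check turns into a panic, while the checked merge simply stops accepting fragments. The MSS floor attacks the same problem from the other side: with 48-byte segments even a full SKB needs far fewer than 65535 segments, which is why a minimum MSS also blunts the resource-consumption flaw.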


RHEL Affected Products

  • Red Hat Enterprise Linux Server 7 x86_64
  • Red Hat Enterprise Linux Server – Extended Update Support 7.6 x86_64
  • Red Hat Enterprise Linux Server – AUS 7.6 x86_64
  • Red Hat Enterprise Linux Workstation 7 x86_64
  • Red Hat Enterprise Linux Desktop 7 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 7 s390x
  • Red Hat Enterprise Linux for IBM z Systems – Extended Update Support 7.6 s390x
  • Red Hat Enterprise Linux for Power, big endian 7 ppc64
  • Red Hat Enterprise Linux for Power, big endian – Extended Update Support 7.6 ppc64
  • Red Hat Enterprise Linux for Scientific Computing 7 x86_64
  • Red Hat Enterprise Linux EUS Compute Node 7.6 x86_64
  • Red Hat Enterprise Linux for Power, little endian 7 ppc64le
  • Red Hat Enterprise Linux for Power, little endian – Extended Update Support 7.6 ppc64le
  • Red Hat Virtualization Host 4 x86_64
  • Red Hat Enterprise Linux Server – TUS 7.6 x86_64
  • Red Hat Enterprise Linux Server (for IBM Power LE) – Update Services for SAP Solutions 7.6 ppc64le
  • Red Hat Enterprise Linux Server – Update Services for SAP Solutions 7.6 x86_64
  • Red Hat Virtualization Host – Extended Update Support 4.2 for RHEL 7.6 x86_64

Update your Linux operating system now. A new kernel package only takes effect after a reboot, so confirm with uname -r that the running kernel is the errata version rather than trusting the package list alone. If a host cannot be rebooted immediately, Red Hat's interim mitigation is to disable SACK processing (sysctl -w net.ipv4.tcp_sack=0), accepting the TCP performance cost until the patched kernel is running.


More from Priyanshu Sahay
