The new Linux kernel security updates patch an integer overflow flaw (CVE-2019-11477) discovered by Jonathan Looney in Linux kernel’s networking subsystem processed TCP Selective Acknowledgment (SACK) segments, which could allow a remote attacker to cause a so-called SACK Panic attack (denial of service) by sending malicious sequences of SACK segments on a TCP connection that has a small TCP MSS value.
“While processing SACK segments, the Linux kernel’s socket buffer (SKB) data structure becomes fragmented,” reads Red Hat’s security advisory. “Each fragment is about TCP maximum segment size (MSS) byt… (read more)
Remember to like our facebook and our twitter @ubuntufree for a chance to win a free Ubuntu laptop by Dell or HP!
Top Trending Pages: Ubuntu Hosting | Download Ubuntu Software | Share Ubuntu Files With Windows