Update to v5.1.11

  • Fixes CVE-2019-11477
  • Fixes CVE-2019-11479
  • Fixes CVE-2019-11478

Reboot Required
After installing this update it is required that you reboot your system to ensure the changes supplied by this update are applied properly.

How to install

sudo dnf upgrade --advisory=FEDORA-2019-6c3d89b3d0

This update has been submitted for testing by jcline.

2 years ago

This update test gating status has been changed to 'waiting'.

2 years ago

This update test gating status has been changed to 'ignored'.

2 years ago
User Icon nivag commented & provided feedback 2 years ago
karma

works for me: desktop 16GB Intel i7-3770 CPU, using the Mate Desktop Environment. Regression tests passed.

This update has been pushed to testing.

2 years ago
User Icon crcinau commented & provided feedback 2 years ago
karma

Tested in numerous Xen DomU's with no issues.

BZ#1719123 CVE-2019-11477 Kernel: tcp: integer overflow while processing SACK blocks allows remote denial of service
BZ#1719128 CVE-2019-11478 Kernel: tcp: excessive resource consumption while processing SACK blocks allows remote denial of service
BZ#1719129 CVE-2019-11479 Kernel: tcp: excessive resource consumption for TCP connections with low MSS allows remote denial of service
BZ#1721254 CVE-2019-11477 kernel: tcp: integer overflow while processing SACK blocks allows remote denial of service [fedora-all]
BZ#1721255 CVE-2019-11479 kernel: tcp: excessive resource consumption for TCP connections with low MSS allows remote denial of service [fedora-all]
BZ#1721256 CVE-2019-11478 kernel: tcp: excessive resource consumption while processing SACK blocks allows remote denial of service [fedora-all]
User Icon rgessner commented & provided feedback 2 years ago
karma

Works. I5-8400

User Icon imabug provided feedback 2 years ago
karma
User Icon mimat provided feedback 2 years ago
karma
User Icon masami commented & provided feedback 2 years ago
karma

wfm on i7-9700K. Regression test passed. network worked fine.

This update has been submitted for stable by jcline.

2 years ago
User Icon lmouillart provided feedback 2 years ago
karma
User Icon atim provided feedback 2 years ago
karma
User Icon xvitaly commented & provided feedback 2 years ago
karma

WFM.

User Icon shecks commented & provided feedback 2 years ago
karma

Both the default and performance kernel tests passed. Intel i7-6850K, ASUS X99 MB, 64G RAM, RX 590 GPU

User Icon ibims provided feedback 2 years ago
karma
User Icon goodmirek provided feedback 2 years ago
karma
User Icon pwhalen commented & provided feedback 2 years ago
karma

Tested on aarch64(mustang) and armhfp(rpi3).

This update has been pushed to stable.

2 years ago

Please login to add feedback.

Metadata
Type
security
Severity
high
Karma
13
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
disabled
Stable by Time
disabled
Dates
submitted
2 years ago
in testing
2 years ago
in stable
2 years ago
BZ#1719123 CVE-2019-11477 Kernel: tcp: integer overflow while processing SACK blocks allows remote denial of service
0
1
BZ#1719128 CVE-2019-11478 Kernel: tcp: excessive resource consumption while processing SACK blocks allows remote denial of service
0
1
BZ#1719129 CVE-2019-11479 Kernel: tcp: excessive resource consumption for TCP connections with low MSS allows remote denial of service
0
1
BZ#1721254 CVE-2019-11477 kernel: tcp: integer overflow while processing SACK blocks allows remote denial of service [fedora-all]
0
1
BZ#1721255 CVE-2019-11479 kernel: tcp: excessive resource consumption for TCP connections with low MSS allows remote denial of service [fedora-all]
0
1
BZ#1721256 CVE-2019-11478 kernel: tcp: excessive resource consumption while processing SACK blocks allows remote denial of service [fedora-all]
0
1

Automated Test Results

Test Cases

0 10 Test Case kernel regression