Update to v5.1.11

  • Fixes CVE-2019-11477
  • Fixes CVE-2019-11479
  • Fixes CVE-2019-11478

Reboot Required
After installing this update it is required that you reboot your system to ensure the changes supplied by this update are applied properly.

How to install

sudo dnf upgrade --advisory=FEDORA-2019-914542e05c

This update has been submitted for testing by jcline.

2 years ago

This update test gating status has been changed to 'waiting'.

2 years ago

This update test gating status has been changed to 'ignored'.

2 years ago

This update has been pushed to testing.

2 years ago
User Icon mstevens commented & provided feedback 2 years ago
karma

works fine

User Icon kondor6c commented & provided feedback 2 years ago
karma

tested on an AMD machine that acts as a router/AP with ath10k device as radio, broadcom bnx2 and RTL8168e

BZ#1719123 CVE-2019-11477 Kernel: tcp: integer overflow while processing SACK blocks allows remote denial of service
BZ#1719128 CVE-2019-11478 Kernel: tcp: excessive resource consumption while processing SACK blocks allows remote denial of service
BZ#1719129 CVE-2019-11479 Kernel: tcp: excessive resource consumption for TCP connections with low MSS allows remote denial of service
BZ#1721254 CVE-2019-11477 kernel: tcp: integer overflow while processing SACK blocks allows remote denial of service [fedora-all]
BZ#1721255 CVE-2019-11479 kernel: tcp: excessive resource consumption for TCP connections with low MSS allows remote denial of service [fedora-all]
BZ#1721256 CVE-2019-11478 kernel: tcp: excessive resource consumption while processing SACK blocks allows remote denial of service [fedora-all]

This update has been submitted for stable by jcline.

2 years ago
User Icon jlanda provided feedback 2 years ago
karma
BZ#1719123 CVE-2019-11477 Kernel: tcp: integer overflow while processing SACK blocks allows remote denial of service
BZ#1719128 CVE-2019-11478 Kernel: tcp: excessive resource consumption while processing SACK blocks allows remote denial of service
BZ#1719129 CVE-2019-11479 Kernel: tcp: excessive resource consumption for TCP connections with low MSS allows remote denial of service
BZ#1721254 CVE-2019-11477 kernel: tcp: integer overflow while processing SACK blocks allows remote denial of service [fedora-all]
BZ#1721255 CVE-2019-11479 kernel: tcp: excessive resource consumption for TCP connections with low MSS allows remote denial of service [fedora-all]
BZ#1721256 CVE-2019-11478 kernel: tcp: excessive resource consumption while processing SACK blocks allows remote denial of service [fedora-all]
karma
BZ#1719123 CVE-2019-11477 Kernel: tcp: integer overflow while processing SACK blocks allows remote denial of service
BZ#1719128 CVE-2019-11478 Kernel: tcp: excessive resource consumption while processing SACK blocks allows remote denial of service
BZ#1719129 CVE-2019-11479 Kernel: tcp: excessive resource consumption for TCP connections with low MSS allows remote denial of service
BZ#1721254 CVE-2019-11477 kernel: tcp: integer overflow while processing SACK blocks allows remote denial of service [fedora-all]
BZ#1721255 CVE-2019-11479 kernel: tcp: excessive resource consumption for TCP connections with low MSS allows remote denial of service [fedora-all]
BZ#1721256 CVE-2019-11478 kernel: tcp: excessive resource consumption while processing SACK blocks allows remote denial of service [fedora-all]

This update has been pushed to stable.

2 years ago

Please login to add feedback.

Metadata
Type
security
Severity
high
Karma
4
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
disabled
Stable by Time
disabled
Dates
submitted
2 years ago
in testing
2 years ago
in stable
2 years ago
BZ#1719123 CVE-2019-11477 Kernel: tcp: integer overflow while processing SACK blocks allows remote denial of service
0
3
BZ#1719128 CVE-2019-11478 Kernel: tcp: excessive resource consumption while processing SACK blocks allows remote denial of service
0
3
BZ#1719129 CVE-2019-11479 Kernel: tcp: excessive resource consumption for TCP connections with low MSS allows remote denial of service
0
3
BZ#1721254 CVE-2019-11477 kernel: tcp: integer overflow while processing SACK blocks allows remote denial of service [fedora-all]
0
3
BZ#1721255 CVE-2019-11479 kernel: tcp: excessive resource consumption for TCP connections with low MSS allows remote denial of service [fedora-all]
0
3
BZ#1721256 CVE-2019-11478 kernel: tcp: excessive resource consumption while processing SACK blocks allows remote denial of service [fedora-all]
0
3

Automated Test Results

Test Cases

0 3 Test Case kernel regression