Canonical has released an important Linux kernel security update for all supported Ubuntu Linux releases to address two critical security vulnerabilities that could crash users’ systems.
In a recent security advisory, Canonical details two recently discovered security vulnerabilities (CVE-2019-11477 and CVE-2019-11478) affecting Linux kernel’s TCP retransmission queue implementation when handling some specific TCP Selective Acknowledgment (SACKs).
Both security vulnerabilities were discovered by Jonathan Looney and could allow a remote attacker to crash the affected system by causing a denial of service. Known as SACK Panic, they affect all supported Ubuntu Linux releases, including Ubuntu 19.04, Ubuntu 18.10, Ubuntu 18.04 LTS, and Ubuntu 16.04 LTS.
“Jonathan Looney discovered several flaws in the way that t… (read more)
from Softpedia News / Linux https://news.softpedia.com/news/canonical-outs-important-linux-kernel-security-update-for-all-ubuntu-releases-526440.shtml