Patches are also available for CentOS 6 and RHEL 6 series

Jun 21, 2019 14:18 GMT  ·  By
Red Hat Enterprise Linux and CentOS are now patched against SACK Panic flaws

The Red Hat Enterprise Linux and CentOS Linux operating systems have received new Linux kernel security updates that are marked as important and address the recently disclosed TCP vulnerabilities affecting all GNU/Linux distributions.

The new Linux kernel security updates patch an integer overflow flaw (CVE-2019-11477), discovered by Jonathan Looney in the way the Linux kernel's networking subsystem processes TCP Selective Acknowledgment (SACK) segments, which could allow a remote attacker to cause a so-called SACK Panic attack (denial of service) by sending malicious sequences of SACK segments on a TCP connection that has a small TCP MSS value.

"While processing SACK segments, the Linux kernel's socket buffer (SKB) data structure becomes fragmented," reads Red Hat's security advisory. "Each fragment is about TCP maximum segment size (MSS) bytes. To efficiently process SACK blocks, the Linux kernel merges multiple fragmented SKBs into one, potentially overflowing the variable holding the number of segments."

Furthermore, the Linux kernel security update fixes two other similar issues (CVE-2019-11478 and CVE-2019-11479), both discovered by Jonathan Looney in the Linux kernel's TCP retransmission queue implementation, which could allow a remote attacker to cause a denial of service that may lead to excessive resource consumption and a system crash.

Users are urged to update their systems immediately

In addition to the three SACK Panic security vulnerabilities mentioned above, the Linux kernel security update released for the Red Hat Enterprise Linux 6 and CentOS Linux 6 operating system series also adds the Intel MDS mitigations for Intel Skylake CPUs and the missing md_clear flag in /proc/cpuinfo, ensures the Linux kernel disables SMT when booted with the mds=full,nosmt parameter, and fixes a double free issue in lib/idr.c.

All users of the Red Hat Enterprise Linux 7, Red Hat Enterprise Linux 6, CentOS Linux 7, and CentOS Linux 6 operating system series are urged to update their systems as soon as possible. The new Linux kernel security updates are available for all supported variants of these operating systems on 64-bit, 32-bit, IBM z Systems (s390x), PowerPC 64-bit Big Endian (ppc64), and PowerPC 64-bit Little Endian (ppc64le) architectures.
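As an added example (not from the article or from Red Hat), a POSIX shell script that checks a RHEL/CentOS host for the fixes described above: it looks for the three CVE ids in the running kernel package's rpm changelog, for the md_clear flag in /proc/cpuinfo, and for the MDS status the kernel reports under /sys/devices/system/cpu/vulnerabilities/mds. The sysfs path and the assumption that the kernel package changelog names the CVEs are mine, not stated by the article; the helper functions take text as arguments so they can be exercised on constructed input.

```shell
# Added example, not from the article or Red Hat: check a RHEL/CentOS host
# for the SACK Panic and MDS fixes described above. Assumes (my assumption)
# that the kernel package changelog names the CVE ids it fixes.
# 0 if CHANGELOG_TEXT mentions CVE_ID
changelog_fixes_cve() {
    printf '%s\n' "$1" | grep -q -- "$2"
}
# Prints how many of the three SACK Panic CVEs CHANGELOG_TEXT mentions (0-3)
sack_cves_fixed() {
    n=0
    for cve in CVE-2019-11477 CVE-2019-11478 CVE-2019-11479; do
        if changelog_fixes_cve "$1" "$cve"; then n=$((n + 1)); fi
    done
    echo "$n"
}
# 0 if a "flags" line in CPUINFO_TEXT lists md_clear (MDS microcode support)
cpuinfo_has_md_clear() {
    printf '%s\n' "$1" | grep -E '^flags[[:space:]]*:' | grep -qw md_clear
}
# 0 if the sysfs MDS line reports a mitigation rather than "Vulnerable"
mds_status_ok() {
    case "$1" in
        Mitigation:*) return 0 ;;
        *) return 1 ;;
    esac
}
# Live report against the running system; each check is skipped if unavailable
report() {
    if command -v rpm >/dev/null 2>&1; then
        log=$(rpm -q --changelog "kernel-$(uname -r)" 2>/dev/null || true)
        echo "SACK Panic CVEs named in running kernel changelog: $(sack_cves_fixed "$log")/3"
    else
        echo "rpm not found; skipping changelog check"
    fi
    mds=/sys/devices/system/cpu/vulnerabilities/mds
    if [ -r "$mds" ] && mds_status_ok "$(cat "$mds")"; then
        echo "MDS: $(cat "$mds")"
    else
        echo "MDS: no mitigation reported (file missing or Vulnerable)"
    fi
    if [ -r /proc/cpuinfo ] && cpuinfo_has_md_clear "$(cat /proc/cpuinfo)"; then
        echo "md_clear: present"
    else
        echo "md_clear: absent (older microcode, or kernel not exposing the flag)"
    fi
}
report
```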