rpm package

suse/kgraft-patch-SLE12-SP3_Update_16&distro=SUSE Linux Enterprise Server 12 SP3-LTSS

pkg:rpm/suse/kgraft-patch-SLE12-SP3_Update_16&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-LTSS

Vulnerabilities (3)

CVE	CVSS	Affected versions	Fixed in	Published	Description
CVE-2019-11478	—	< 7-2.1	7-2.1	Jun 18, 2019	Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a denial of service. This has been fi
CVE-2019-11477	—	< 7-2.1	7-2.1	Jun 18, 2019	Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel
CVE-2019-3846	—	< 7-2.1	7-2.1	Jun 3, 2019	A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network.

CVE-2019-11478Jun 18, 2019
affected < 7-2.1fixed 7-2.1
Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a denial of service. This has been fi
CVE-2019-11477Jun 18, 2019
affected < 7-2.1fixed 7-2.1
Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel
CVE-2019-3846Jun 3, 2019
affected < 7-2.1fixed 7-2.1
A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network.