On Tue, Aug 7, 2018 at 8:50 AM Jeff Andich <[email protected]> wrote: > > Hello, > > We got an email at work about the following advisories about a denial of > service vulnerability in the TCP implementation in kernel versions 4.9 and > greater: > > https://www.kb.cert.org/vuls/id/962459. > > There's a patch, called out in the above link, and the patch comments > describe the issue and the current fix: > > https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/patch/?id=1a4f14bab1868b443f0dd3c55b689a478f82e72e > > If we're running kernel version 4.9 or greater on our beaglebone/beagleboard > products, what do you recommend we do? > > Should we go ahead and apply the patch to every image we download from > beagleboard.org with kernel 4.9 or greater if we're connecting our beagles on > the internet and are concerned about the attack, or has the fix already be > "rolled" into certain images?
Already included in: 4.17.11 https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v4.17.11&id=db11182a1e38e7149804962111622b15bd9aeff2 4.14.59 https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v4.14.59&id=f3a5ba6310e11df370f6888ed716d1486896d983 Our update script already pulls in: http://repos.rcn-ee.net/latest/stretch-armhf/LATEST-ti ABI:1 LTS414 4.14.60-ti-r67 and http://repos.rcn-ee.net/latest/stretch-armhf/LATEST-armv7 ABI:1 LTS414 4.14.60-armv7-x5 ABI:1 STABLE 4.17.12-armv7-x12 http://repos.rcn-ee.net/latest/stretch-armhf/LATEST-armv7-lpae ABI:1 LTS414 4.14.60-armv7-lpae-x3 ABI:1 STABLE 4.17.12-armv7-lpae-x12 Regards, -- Robert Nelson https://rcn-ee.com/ -- For more options, visit http://beagleboard.org/discuss --- You received this message because you are subscribed to the Google Groups "BeagleBoard" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/beagleboard/CAOCHtYhfY0Yz4Bqc0EN31C2B5D2s8rHsrXCHMXqY1O-AUmX-gw%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
