** Tags added: cscc
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1831637
Title:
Remote denial of service (system crash) caused by integer overflow in
TCP SACK handling
To manage notifications
Ubuntu 14.04 ESM's base kernel was fixed with version 3.13.0-171.222.
Ubuntu 12.04 ESM's base kernel was fixed with version 3.2.0-141.188.
** Changed in: linux (Ubuntu Trusty)
Status: New => Fix Released
** Changed in: linux (Ubuntu Precise)
Status: New => Fix Released
--
You
This bug was fixed in the package linux - 5.0.0-17.18
---
linux (5.0.0-17.18) disco; urgency=medium
* Remote denial of service (resource exhaustion) caused by TCP SACK scoreboard
manipulation (LP: #1831638)
- SAUCE: tcp: tcp_fragment() should apply sane memory limits
*
This bug report represents CVE-2019-11477
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-11477
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1831637
Title:
Remote denial of
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1831637
Title:
Remote denial of service (system crash) caused by integer overflow