Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
  • Products & Services

    Products

    Support

    • Production Support
    • Development Support
    • Product Life Cycles

    Services

    • Consulting
    • Technical Account Management
    • Training & Certifications

    Documentation

    • Red Hat Enterprise Linux
    • Red Hat JBoss Enterprise Application Platform
    • Red Hat OpenStack Platform
    • Red Hat OpenShift Container Platform
    All Documentation

    Ecosystem Catalog

    • Red Hat Partner Ecosystem
    • Partner Resources
  • Tools

    Tools

    • Troubleshoot a product issue
    • Packages
    • Errata

    Customer Portal Labs

    • Configuration
    • Deployment
    • Security
    • Troubleshoot
    All labs

    Red Hat Insights

    Increase visibility into IT operations to detect and resolve technical issues before they impact your business.

    Learn More
    Go to Insights
  • Security

    Red Hat Product Security Center

    Engage with our Red Hat Product Security team, access security updates, and ensure your environments are not exposed to any known security vulnerabilities.

    Product Security Center

    Security Updates

    • Security Advisories
    • Red Hat CVE Database
    • Security Labs

    Keep your systems secure with Red Hat's specialized responses to security vulnerabilities.

    View Responses

    Resources

    • Security Blog
    • Security Measurement
    • Severity Ratings
    • Backporting Policies
    • Product Signing (GPG) Keys
  • Community

    Customer Portal Community

    • Discussions
    • Private Groups
    Community Activity

    Customer Events

    • Red Hat Convergence
    • Red Hat Summit

    Stories

    • Red Hat Subscription Value
    • You Asked. We Acted.
    • Open Source Communities
Or troubleshoot an issue.

Select Your Language

  • English
  • Français
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift Container Platform
  • Red Hat OpenShift Data Science
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat Single Sign On
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Application Foundations
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
All Products
Red Hat Product Errata RHSA-2019:1602 - Security Advisory
Issued:
2019-06-25
Updated:
2019-06-25

RHSA-2019:1602 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Important: kernel-alt security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for kernel-alt is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel-alt packages provide the Linux kernel version 4.x.

Security Fix(es):

  • An integer overflow flaw was found in the way the Linux kernel's networking subsystem processed TCP Selective Acknowledgment (SACK) segments. While processing SACK segments, the Linux kernel's socket buffer (SKB) data structure becomes fragmented. Each fragment is about TCP maximum segment size (MSS) bytes. To efficiently process SACK blocks, the Linux kernel merges multiple fragmented SKBs into one, potentially overflowing the variable holding the number of segments. A remote attacker could use this flaw to crash the Linux kernel by sending a crafted sequence of SACK segments on a TCP connection with small value of TCP MSS, resulting in a denial of service (DoS). (CVE-2019-11477)
  • Kernel: tcp: excessive resource consumption while processing SACK blocks allows remote denial of service (CVE-2019-11478)
  • kernel: tcp: excessive resource consumption for TCP connections with low MSS allows remote denial of service (CVE-2019-11479)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux for ARM 64 7 aarch64
  • Red Hat Enterprise Linux for Power 9 7 ppc64le
  • Red Hat Enterprise Linux for IBM System z (Structure A) 7 s390x

Fixes

  • BZ - 1719123 - CVE-2019-11477 Kernel: tcp: integer overflow while processing SACK blocks allows remote denial of service
  • BZ - 1719128 - CVE-2019-11478 Kernel: tcp: excessive resource consumption while processing SACK blocks allows remote denial of service
  • BZ - 1719129 - CVE-2019-11479 kernel: tcp: excessive resource consumption for TCP connections with low MSS allows remote denial of service

CVEs

  • CVE-2019-11477
  • CVE-2019-11478
  • CVE-2019-11479

References

  • https://access.redhat.com/security/updates/classification/#important
  • https://access.redhat.com/security/vulnerabilities/tcpsack
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for ARM 64 7

SRPM
kernel-alt-4.14.0-115.8.2.el7a.src.rpm SHA-256: 0aeada308c584e995afcd01f8fb8bce48faf396f257405db53ac330af3583734
aarch64
kernel-4.14.0-115.8.2.el7a.aarch64.rpm SHA-256: bc90b911496b9da8cc748e03159ea01f78a26eb4c83c2c95d89ae13224a08059
kernel-abi-whitelists-4.14.0-115.8.2.el7a.noarch.rpm SHA-256: 18ac0cfc4b77ed0bf7b510f80dcfc1fa60f8855e12ea741ba8394d7f2fd240db
kernel-debug-4.14.0-115.8.2.el7a.aarch64.rpm SHA-256: 84195c18663f6327d614b7d8bb732f1711239e977a0dd7c798cd6ed3e12a7876
kernel-debug-debuginfo-4.14.0-115.8.2.el7a.aarch64.rpm SHA-256: cb07d80e5fc39054d62f3a926fc1d139c99d855fc27fa81a455cf0a13d2ed635
kernel-debug-debuginfo-4.14.0-115.8.2.el7a.aarch64.rpm SHA-256: cb07d80e5fc39054d62f3a926fc1d139c99d855fc27fa81a455cf0a13d2ed635
kernel-debug-devel-4.14.0-115.8.2.el7a.aarch64.rpm SHA-256: b7c6a3ac44baa491d137e595e1d61959c28f11b8ec78a180194377518e9b3316
kernel-debuginfo-4.14.0-115.8.2.el7a.aarch64.rpm SHA-256: 7d4e61afeb4be622be7337e6f8ea5feede003516c73c6522a3f57f71a37be824
kernel-debuginfo-4.14.0-115.8.2.el7a.aarch64.rpm SHA-256: 7d4e61afeb4be622be7337e6f8ea5feede003516c73c6522a3f57f71a37be824
kernel-debuginfo-common-aarch64-4.14.0-115.8.2.el7a.aarch64.rpm SHA-256: d945763d865636fa96938fcc96c39a7f2402a2cf61f89a7916a455e5fa597cb9
kernel-debuginfo-common-aarch64-4.14.0-115.8.2.el7a.aarch64.rpm SHA-256: d945763d865636fa96938fcc96c39a7f2402a2cf61f89a7916a455e5fa597cb9
kernel-devel-4.14.0-115.8.2.el7a.aarch64.rpm SHA-256: 619b09c7e2d3435d335e50e312cddf1fe0746f8ca50debc45dac9fa76f927145
kernel-doc-4.14.0-115.8.2.el7a.noarch.rpm SHA-256: 8467b08e0a37d6e8699f1103ac4417ac2576d4707ae1db1bc8d3821b4b55cdf7
kernel-doc-4.14.0-115.8.2.el7a.noarch.rpm SHA-256: 8467b08e0a37d6e8699f1103ac4417ac2576d4707ae1db1bc8d3821b4b55cdf7
kernel-headers-4.14.0-115.8.2.el7a.aarch64.rpm SHA-256: 51a1f92b3466200626c5f93aef5a10f5bf2cfb3d3a18e60de9307d3b868ee593
kernel-tools-4.14.0-115.8.2.el7a.aarch64.rpm SHA-256: ba161f16f09ef8dc3eacc1bf1fdc9fa66b8b289900ee6e7f6f453b3d05f44638
kernel-tools-debuginfo-4.14.0-115.8.2.el7a.aarch64.rpm SHA-256: 10fef5cd78f939972a4329a295ef61263d9f6d4147b309936fbe93464a682dec
kernel-tools-debuginfo-4.14.0-115.8.2.el7a.aarch64.rpm SHA-256: 10fef5cd78f939972a4329a295ef61263d9f6d4147b309936fbe93464a682dec
kernel-tools-libs-4.14.0-115.8.2.el7a.aarch64.rpm SHA-256: 6fd687cfae2801af52663b2306763484d90a67cfe28c7f133066e284ea90400a
kernel-tools-libs-devel-4.14.0-115.8.2.el7a.aarch64.rpm SHA-256: c7e2f3a49a28cc5ca6e30c9adb9ca4fe917284c93e40d0f6908059840c87c107
perf-4.14.0-115.8.2.el7a.aarch64.rpm SHA-256: a7f0285c767f3929759c5843b4d55e3e8eab0d173cb45e9058391f3a16a7bc9d
perf-debuginfo-4.14.0-115.8.2.el7a.aarch64.rpm SHA-256: 90f8ec78b2665f0dac36cdb80e74ab29e2c38a72ad2f0fb8af5d45e794e5b61e
perf-debuginfo-4.14.0-115.8.2.el7a.aarch64.rpm SHA-256: 90f8ec78b2665f0dac36cdb80e74ab29e2c38a72ad2f0fb8af5d45e794e5b61e
python-perf-4.14.0-115.8.2.el7a.aarch64.rpm SHA-256: 5d4284effed685236e808a085bed399a63f983cf92e2c27a54fd44303f7e777f
python-perf-debuginfo-4.14.0-115.8.2.el7a.aarch64.rpm SHA-256: c8a122a0890b21d35714a47f91da55ec5f4e4d5ed7b2bbf0c6e7685bc19d51ec
python-perf-debuginfo-4.14.0-115.8.2.el7a.aarch64.rpm SHA-256: c8a122a0890b21d35714a47f91da55ec5f4e4d5ed7b2bbf0c6e7685bc19d51ec

Red Hat Enterprise Linux for Power 9 7

SRPM
kernel-alt-4.14.0-115.8.2.el7a.src.rpm SHA-256: 0aeada308c584e995afcd01f8fb8bce48faf396f257405db53ac330af3583734
ppc64le
kernel-4.14.0-115.8.2.el7a.ppc64le.rpm SHA-256: 1bcde5901dadf61bf62a39a3af2b87d2135bfd1500a880bbd7e6bdba7748df85
kernel-abi-whitelists-4.14.0-115.8.2.el7a.noarch.rpm SHA-256: 18ac0cfc4b77ed0bf7b510f80dcfc1fa60f8855e12ea741ba8394d7f2fd240db
kernel-bootwrapper-4.14.0-115.8.2.el7a.ppc64le.rpm SHA-256: 5f9a6f9c6365f1165a09459794d97606cfbafc58f94dfa99970ed568981c5e65
kernel-debug-4.14.0-115.8.2.el7a.ppc64le.rpm SHA-256: a2e15f6dd175eb064fd0e329285315e8b97e898078d2fef7ca3cad67be8e3b18
kernel-debug-debuginfo-4.14.0-115.8.2.el7a.ppc64le.rpm SHA-256: 00d2dc14457ba908662da530c246907e9e730bfb57750d1d591949035e573863
kernel-debug-debuginfo-4.14.0-115.8.2.el7a.ppc64le.rpm SHA-256: 00d2dc14457ba908662da530c246907e9e730bfb57750d1d591949035e573863
kernel-debug-devel-4.14.0-115.8.2.el7a.ppc64le.rpm SHA-256: afcf27412cbc1a5203ec2c0389623a3b335a5aa61a72518807270a157e052573
kernel-debuginfo-4.14.0-115.8.2.el7a.ppc64le.rpm SHA-256: 9814332ea0995e90247a62a6699029d96fa4b9796a7872afd7be0beeb1a579f9
kernel-debuginfo-4.14.0-115.8.2.el7a.ppc64le.rpm SHA-256: 9814332ea0995e90247a62a6699029d96fa4b9796a7872afd7be0beeb1a579f9
kernel-debuginfo-common-ppc64le-4.14.0-115.8.2.el7a.ppc64le.rpm SHA-256: 35f7365325505953034e3adc9e6d8f8a9a3af938254f4e17aa89e66c7714814b
kernel-debuginfo-common-ppc64le-4.14.0-115.8.2.el7a.ppc64le.rpm SHA-256: 35f7365325505953034e3adc9e6d8f8a9a3af938254f4e17aa89e66c7714814b
kernel-devel-4.14.0-115.8.2.el7a.ppc64le.rpm SHA-256: c294751dd40b53737ea9e2e5b5786347e1fc0540f9ffc04ffbbe92ac92254c35
kernel-doc-4.14.0-115.8.2.el7a.noarch.rpm SHA-256: 8467b08e0a37d6e8699f1103ac4417ac2576d4707ae1db1bc8d3821b4b55cdf7
kernel-headers-4.14.0-115.8.2.el7a.ppc64le.rpm SHA-256: ad648514a541b50f605abfdb61dcce1c1d216a11993abef61b90b43f88cfe957
kernel-tools-4.14.0-115.8.2.el7a.ppc64le.rpm SHA-256: 130a45e3dc103c736836ddeae5fa68290f1c4129ed6854e50d495504f8dff553
kernel-tools-debuginfo-4.14.0-115.8.2.el7a.ppc64le.rpm SHA-256: 4b53acf3583cac396cdb464a8da025ef31ed067365f3e7d2c96858a799465d12
kernel-tools-debuginfo-4.14.0-115.8.2.el7a.ppc64le.rpm SHA-256: 4b53acf3583cac396cdb464a8da025ef31ed067365f3e7d2c96858a799465d12
kernel-tools-libs-4.14.0-115.8.2.el7a.ppc64le.rpm SHA-256: 2020660d2a74c49624f4178ff9dee09d6e6539ae4d12777d88e5c0b7196ef93d
kernel-tools-libs-devel-4.14.0-115.8.2.el7a.ppc64le.rpm SHA-256: 66ba7d41e629bc25b752e80c1488465e940045454a0b5c44e3c8cea6bf0a28f3
perf-4.14.0-115.8.2.el7a.ppc64le.rpm SHA-256: 65fe2481d350c102308db7c5832f3bd30162d3b894e49ad10b1ef8c687d3009b
perf-debuginfo-4.14.0-115.8.2.el7a.ppc64le.rpm SHA-256: fca6f997efe8ba2fc1fb46b17060a165650f57df0a5ad14e585a584cb734776c
perf-debuginfo-4.14.0-115.8.2.el7a.ppc64le.rpm SHA-256: fca6f997efe8ba2fc1fb46b17060a165650f57df0a5ad14e585a584cb734776c
python-perf-4.14.0-115.8.2.el7a.ppc64le.rpm SHA-256: a6ec7b2c42d0de8d2faa8867a33cbbf3f35e6cf0e04d4e7afa1bea73446b09d3
python-perf-debuginfo-4.14.0-115.8.2.el7a.ppc64le.rpm SHA-256: 8fb9debc8e502b0d3e189668a0dc128ce84bc288e4bcce0ea617152aae3d4c24
python-perf-debuginfo-4.14.0-115.8.2.el7a.ppc64le.rpm SHA-256: 8fb9debc8e502b0d3e189668a0dc128ce84bc288e4bcce0ea617152aae3d4c24

Red Hat Enterprise Linux for IBM System z (Structure A) 7

SRPM
kernel-alt-4.14.0-115.8.2.el7a.src.rpm SHA-256: 0aeada308c584e995afcd01f8fb8bce48faf396f257405db53ac330af3583734
s390x
kernel-4.14.0-115.8.2.el7a.s390x.rpm SHA-256: 22469007beeead5f533aaaac96c1afa04e05afc49242e6120b48709dcb8b2a91
kernel-abi-whitelists-4.14.0-115.8.2.el7a.noarch.rpm SHA-256: 18ac0cfc4b77ed0bf7b510f80dcfc1fa60f8855e12ea741ba8394d7f2fd240db
kernel-debug-4.14.0-115.8.2.el7a.s390x.rpm SHA-256: 7f55dc8bd71be6fe2322f6cd9f2013d937f00635dd2a255c6ace0784a3ec330b
kernel-debug-debuginfo-4.14.0-115.8.2.el7a.s390x.rpm SHA-256: e60b1adecddb6df1c13c4db8e2e8e6be2d0292c5bfcc9bde7b089ac5fd0e75a3
kernel-debug-devel-4.14.0-115.8.2.el7a.s390x.rpm SHA-256: 790e06b24f7fd5938cc767e33b13ab6e170b6474531a4758c0af404eee764e8f
kernel-debuginfo-4.14.0-115.8.2.el7a.s390x.rpm SHA-256: 9b15feae12e2a26e2d64a0b931f95b10dfa35d6d394c4bebe3d8e63642576f96
kernel-debuginfo-common-s390x-4.14.0-115.8.2.el7a.s390x.rpm SHA-256: 24065fcbbeea5c2bfe77448c0b28127c889c35bac4a11f3d408d3a60af5e2ce7
kernel-devel-4.14.0-115.8.2.el7a.s390x.rpm SHA-256: 8759f5efa1adc65fd902f63da69c77d57ceee743edcf3932ca942815d4226b38
kernel-doc-4.14.0-115.8.2.el7a.noarch.rpm SHA-256: 8467b08e0a37d6e8699f1103ac4417ac2576d4707ae1db1bc8d3821b4b55cdf7
kernel-headers-4.14.0-115.8.2.el7a.s390x.rpm SHA-256: 5d9651740c8e1b62cbd66fb81469be407b68f45871d98d11d2be646cfcb48dba
kernel-kdump-4.14.0-115.8.2.el7a.s390x.rpm SHA-256: ed9e800dbb430fff9aa82e706b63eb623e9b47940d7381cae30949a282231a58
kernel-kdump-debuginfo-4.14.0-115.8.2.el7a.s390x.rpm SHA-256: e726737d3dce72ebed5688d1304256b530f0b4054640fff5654940261640d7da
kernel-kdump-devel-4.14.0-115.8.2.el7a.s390x.rpm SHA-256: 18b99df80b24eafda1ebe20d690521503baf1e488a3bfa8eab2291a2c3716623
perf-4.14.0-115.8.2.el7a.s390x.rpm SHA-256: 2f30ffcc02cbb2152c5d9c588630d397e26f8c7ea4eec2a43891483e70381954
perf-debuginfo-4.14.0-115.8.2.el7a.s390x.rpm SHA-256: f463ce6b03464b31c920bd445a3391dbd11f5425169533d4408c5cae4e8301fe
python-perf-4.14.0-115.8.2.el7a.s390x.rpm SHA-256: 596ad5e670f29b614874db7a757201b6d2d5e019791297af14d6a1efed14faea
python-perf-debuginfo-4.14.0-115.8.2.el7a.s390x.rpm SHA-256: 50c63ca58357a32d6be5d9106b1fd1fb38ffe4a7baa26003f70fa14c0361bc9a

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

About

  • Red Hat Subscription Value
  • About Red Hat
  • Red Hat Jobs
2023
  • Privacy Statement
  • Terms of Use
  • All Policies and Guidelines
We've updated our Privacy Statement effective September 15, 2023.
Red Hat Summit Red Hat Summit
Twitter