[arch-general] CVE-2019-11477 (/proc/sys/net/ipv4/tcp_sack)

David C. Rankin drankinatty at suddenlinkmail.com
Sat Jun 22 06:31:08 UTC 2019

On 06/21/2019 01:44 AM, Levente Polyak via arch-general wrote:
> I guess you mean 5.1.12 as long as you are not a visitor from the future.
> 5.1.11 was the upstream fix version for the SACK issues, you can use our
> Arch Linux specific security tracker to get this information:
> https://security.archlinux.org/CVE-2019-11477
> https://security.archlinux.org/CVE-2019-11478
> https://security.archlinux.org/CVE-2019-11479
> which lists all affected and fixed variants/versions.
> there have been advisories published on the tracker and via our sec
> announcements ML.
> So as long as you are running latest kernels, no other mitigation is needed.
> cheers,
> Levente

Thank you Levente

  Not from the future, just a notorious bass-ackwards typist. Perhaps a dumb
question, but where would I find (other than the security.archlinux.org page
the cross-reference that tells me CVE-XXX is in group, e.g. AVG-986?

David C. Rankin, J.D.,P.E.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: OpenPGP digital signature
URL: <https://lists.archlinux.org/pipermail/arch-general/attachments/20190622/aa0dafe0/attachment.sig>

More information about the arch-general mailing list