Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
Silver

TCP SACK PANIC - Kernel vulnerabilities | Check Point affected?

Jump to solution

Hello,

 

Just wanted to ask for a statement from Check Point regarding CVE-2019-11477, CVE-2019-11478 & CVE-2019-11479. As redhat posted a statement and mentioned several releases are affected my guess is, that Check Point with GAiA is affected too (as based on RH Linux...).

Details can be read below:

https://access.redhat.com/security/vulnerabilities/tcpsack

 

Regards,

Maik

31 Replies
Highlighted

Question:

We have R80.10 gateways that we plan on patching to fix the 3 TCP SACK Panic vuls mentioned in sk156192.

The SK mentions that there is a patch that can be applied on top of Jumbo hotfix take 203.

There is an ongoing take (take 214) that we would like to use.    We opened a TAC case and TAC stated that the patch would not survive any upgrade up to take 214.

So......

  • Would this be when we request for TAC to create a custom patch for R80.10 take 214?
  • Is there an ETA on when this patch/fix will be rolled up into a R80.10 jumbo hot fix.

 

0 Kudos
Admin
Admin
You should be able to ask TAC to port the fix.
They might also be able to advise when the fix will be part of the jumbo.
0 Kudos