Advisory: Support Portal Maintenance. Login is currently unavailable, more info available here.
Three related flaws were found in the Linux kernel’s handling of TCP Selective Acknowledgement (SACK) packets handling with low MSS size. These have been assigned the following CVEs: CVE-2019-11477 is considered an Important severity while CVE-2019-11478 and CVE-2019-11479 are considered a Moderate severity.
The following article outlines the details of the TCP SACK PANIC and how it impacts Sophos products.
Is there an approximate release date for v9.604? Really only very rough, next month or more in 3 months?
Alex, the article linked to above says the first week of July.
Cheers - Bob
I see UTM v9.603 is mentioned in the KB Advisory Article for these CVE's, with v9.604 being release mid July to fix it.
Is there a specific SFOS version or versions affected by this for XG appliances?
Hi and welcome to the UTM Community!
My understanding is that all version are affected as this vulnerability was only discovered earlier this month. In any case, with an XG question, you will want to post in the XG Firewall Community.