This bug was fixed in the package linux - 5.0.0-17.18
--------------- linux (5.0.0-17.18) disco; urgency=medium
* Remote denial of service (resource exhaustion) caused by TCP SACK scoreboard manipulation (LP: #1831638) - SAUCE: tcp: tcp_fragment() should apply sane memory limits
* Remote denial of service (system crash) caused by integer overflow in TCP SACK handling (LP: #1831637) - SAUCE: tcp: limit payload size of sacked skbs
-- Stefan Bader <email address hidden> Tue, 04 Jun 2019 17:22:50 +0200
This bug was fixed in the package linux - 5.0.0-17.18
---------------
linux (5.0.0-17.18) disco; urgency=medium
* Remote denial of service (resource exhaustion) caused by TCP SACK scoreboard
manipulation (LP: #1831638)
- SAUCE: tcp: tcp_fragment() should apply sane memory limits
* Remote denial of service (system crash) caused by integer overflow in TCP
SACK handling (LP: #1831637)
- SAUCE: tcp: limit payload size of sacked skbs
-- Stefan Bader <email address hidden> Tue, 04 Jun 2019 17:22:50 +0200