Sack Panic - Linux Vulnerabiltiy

[That_Sound_Guy]

Figured I'd post for notice

https://www.zdnet.com/article/netfl...-panic-kernel-bug-now-to-stop-remote-attacks/

The most serious of the four flaws, CVE-2019-11477, is called SACK Panic, referring to the Linux kernel's TCP Selective Acknowledgement (SACK) capabilities.

Remote attackers can exploit this flaw to trigger a kernel 'panic' that could crash a machine, leading to a denial of service. This affects Linux kernel versions from 2.6.29 and above.

 

[Jagger100]

Is this responsible disclosure? I know Linux is open anyway. But even a week could save a lot of grief.

 

[Nobu]

RedHat already has mitigation proceedures and updates available.

 

[$trapped]

RedHat already has mitigation proceedures and updates available.

The beauty of open source in action.

Edit: Right after I posted I was alerted that the kernel fix was ready to install.

 

[Nobu]

Found the link to the original publication, with patches. Seems like they spent some time looking for solutions before announcing it. Responsible enough? Jagger100

 

[Zarathustra[H]]

I got a kernel update today. I guess this was why.

This is why I love Linux. Problem is found, problem is patched 3 hours later.

None of this Microsoft "next patch Tuesday" or Apple, 6 months later when they get around to their next OS update.

No software is immune to security issues. It's how they handle the patching that matters.

Edit:

Heck, looking at this, it looks like they even patched their EOL distributions 12.04 and 14.04. Bravo.

 

[ChadD]

Heck, looking at this, it looks like they even patched their EOL distributions 12.04 and 14.04. Bravo.

Cool that Ubuntu took care of their older distros. Other nice thing about Linux even if they hadn't any decent system admin could rebuild the required kernel from source. Ubuntu rebuilding it is much better though. Agreed Bravo.

 

[Vermillion]

Cool that Ubuntu took care of their older distros. Other nice thing about Linux even if they hadn't any decent system admin could rebuild the required kernel from source. Ubuntu rebuilding it is much better though. Agreed Bravo.

Hell try doing a sysctl command in windows to mitigate the problem until they patch it lol.

This is a bad bug but overall the brouhaha over it is all about clickbait headlines.

Fast patching and an easy to do mitigation. Gotta love it.

 

[Zarathustra[H]]

Cool that Ubuntu took care of their older distros. Other nice thing about Linux even if they hadn't any decent system admin could rebuild the required kernel from source. Ubuntu rebuilding it is much better though. Agreed Bravo.

Yeah, looking at it now, that is for the ESM versions of 12.04 and 14.04 only. These are apparently paid Extended Security Maintenance for enterprise users who are stuck on these older releases.