That_Sound_Guy
2[H]4U
- Joined
- Apr 29, 2002
- Messages
- 3,076
Figured I'd post for notice
https://www.zdnet.com/article/netfl...-panic-kernel-bug-now-to-stop-remote-attacks/
https://www.zdnet.com/article/netfl...-panic-kernel-bug-now-to-stop-remote-attacks/
The most serious of the four flaws, CVE-2019-11477, is called SACK Panic, referring to the Linux kernel's TCP Selective Acknowledgement (SACK) capabilities.
Remote attackers can exploit this flaw to trigger a kernel 'panic' that could crash a machine, leading to a denial of service. This affects Linux kernel versions from 2.6.29 and above.