Netflix Uncovers TCP Bugs Within The Linux & FreeBSD Kernels

On Monday, Netflix warned of multiple TCP-based remote denial of service bugs. The most serious of these bugs has even been dubbed "SACK Panic" as it could allow remotely-triggering kernel panics using recent versions of the Linux kernel while going back to Linux 2.6.29. The SACK Panic situation can lead to a kernel panic via integer overflows.
Other vulnerabilities include excessive resource usage in different situations. Details in full via the security bulletin.
With the latest Linux kernel Git as of last night, the vulnerabilities are addressed and should soon be appearing in kernel point releases too.
30 Comments