Security News

Serious Vulnerabilities Found in FreeBSD and Linux

Netflix has identified several TCP networking vulnerabilities in FreeBSD and Linux kernels.

According to the Openwall website, "The vulnerabilities specifically relate to the minimum segment size (MSS) and TCP Selective Acknowledgement (SACK) capabilities. The most serious, dubbed “SACK Panic,” allows a remotely-triggered kernel panic on recent Linux kernels. There are patches that address most of these vulnerabilities. If patches can't be applied, certain mitigations will be effective. We recommend that affected parties enact one of (our actions), based on their environment."

Read Openwall's full report, including some patches that address the issue, HERE.

*Reddit has gone into overdrive, with comments like this being bandied about, "So, If I understand correctly, the entire internet is f***ed? Any linux machine with publicly reachable TCP port can be DoS'ed/rebooted."

. . .

If you want to stay notified of vulnerabilities that affect you, register for a weekly security report customised to your stack.

Get weekly security news and vulnerability alerts

Join 833 others receiving a free weekly report with a round-up of vulnerabilities and security news customised to your software stack. See an example email

Example email for SecAlerts

Earlier: