Netflix discovers SACK Panic and other Linux security flaws

Netflix security team discovers the new “SACK” Panic security vulnerability.

The Netflix security team discovered these flaws during routine security testing work. They are triggered by sending a series of malicious packets to vulnerable systems. The result can slow or crash the target system – effectively triggering a remote Kernel panic.

Major vendors have released a series of patches and workarounds.

The three vulnerabilities are:

• SACK Panic – CVE-2019-11477 (Severity: Important)
• CVE-2019-11478 (Severity: Moderate)
• CVE-2019-11479 (Severity: Moderate)

AWS has also issued an advisory for its cloud customers.

More details are available in the security advisory posted on GitHub. Red Hat, SUSE and Debian also have helpful resources and information.

Read More:

• Netflix discovers SACK Panic and other Linux security flaws
• Multiple DoS vulnerabilities affect Linux and FreeBSD
• Bleeping Computer
• El Reg