Netflix security team discovers the new “SACK” Panic security vulnerability.
The Netflix security team discovered these flaws during routine security testing work. They are triggered by sending a series of malicious packets to vulnerable systems. The result can slow or crash the target system – effectively triggering a remote Kernel panic.
Major vendors have released a series of patches and workarounds.
The three vulnerabilities are:
- SACK Panic – CVE-2019-11477 (Severity: Important)
- CVE-2019-11478 (Severity: Moderate)
- CVE-2019-11479 (Severity: Moderate)
AWS has also issued an advisory for its cloud customers.
- Netflix discovers SACK Panic and other Linux security flaws
- Multiple DoS vulnerabilities affect Linux and FreeBSD
- Bleeping Computer
- El Reg