New vulnerabilities may let hackers remotely SACK Linux and FreeBSD systems

I smell a new video coming…

If not by me, it will be discussed on How They Got Hacked this Friday


Four CVE’s, yowzers…

Look forward to hearing what you all have to say about this one! Now I know what I’m doing tonight! :face_palm:

Applied patches. What seemed a little odd was how RHEL characterized the CVEs as astep down from critical. None the less RHEL had patches.

If Kernel Panics, DoS’s, and slowing systems to a crawl, doesn’t get characterized as critical, how bad does it have to be? good grief…

As a side note, I wonder how pfSense and FreeNAS will be dealing with these, as it affects BSD as well.

pfsense is not vulnerable to the recently announced SACK issues (CVE-2019-5599), as current releases do not use the affected FreeBSD versions or non-default TCP stack required by the attack.

1 Like

phew…was starting to plan a time to update all of my pfsense boxes. Weekend is clear now.

As I run the Snap/DEV channel, and have for many months now without issues, I was glad to see this as a follow-up post. Thanks @LTS_Tom for posting the original tweet!