TCP Sack Panic Remote Denial of Service Vulnerability
A remote denial of service vulnerability (CVE-2019-11477) has been identified in several Linux kernels which may cause kernel panics. This vulnerability can be exploited by a remote, unauthenticated attacker and could cause the system to halt.
Many vendors have released patches or mitigations to address the vulnerability.
How does this affect my organisation?
All systems running Linux kernels should be reviewed to determine if they are vulnerable. Systems that are facing the internet and are not behind a reverse proxy should be patched as a priority.
Note that some reverse proxies also use Linux kernels and should be reviewed to determine if they are vulnerable to the same attack.
If you are a customer of AC3 Managed Services, AC3 will be in contact to organise an appropriate window to apply these patches.
For more information about this vulnerability please refer to the links at the end of this alert.
Threat rating and recommendation
Based on information available at the time of this notice, we have classified this threat as Action Required – Urgent Remediation Action Required.
Customers are recommended to review their environment and apply the appropriate patches as soon as possible. It is recommended that customers prioritise systems that are internet facing and are not protected by reverse proxies
Key
Advice – no urgent remediation action required
Warning – watch and act
Action Required – urgent remediation action required
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11477
https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md