CloudLinux - TCP SACK PANIC - CloudLinux Blog

CloudLinux 6 kernel with the fix for TCP SACK PANIC vulnerability is released

CloudLinux 6 kernel version 2.6.32-954.3.5.lve1.4.66 is now available for download from our production repository. You can find more about TCP SACK PANIC vulnerability in this post. Changelog: CKSIX-220: CVE-2019-11477: SACK PanicCKSIX-221: CVE-2019-11478: SACK Slowness or Excess Resource UsageCKSIX-222: CVE-2019-11479: Excess Resource Consumption ...
Continue reading
Recent Comments
Guest — Guest
Are manual mitigations mentioned on the redhat 'resolve' page necessary even after this kernel update?
Thursday, 27 June 2019 06:41
Kate Grechishkina
Hello, After you apply this kernel update and reboot the server, you are all set. There will be no need to apply the Mitigation st... Read More
Thursday, 27 June 2019 11:48
  2900 Hits

Don’t panic about TCP SACK PANIC—we’re working on it

Recently, TCP networking vulnerabilities have been discovered in FreeBSD and Linux kernels by Netflix. There are three flaws, one of them is rated by severity as Important (CVE-2019-11477), and two as Moderate (CVE-2019-11478 and CVE-2019-11479). What is the problem? The flaws use the Maximum Segment Size (MSS) and TCP Selective Acknowledgement (SA...
Continue reading
Recent Comments
Guest — Ryan Smith
KernelCare eta?
Thursday, 20 June 2019 16:15
Ivan Zhmud
Hello Ryan. It will be in 2-3 working days. Follow please for our updates Read More
Thursday, 20 June 2019 16:55
Guest — Paul Roche
Cloudlinux 7 Hybrid?
Thursday, 20 June 2019 19:10
  7978 Hits

EU e-Privacy Directive

We use cookies to ensure you get the best experience using our website and services. Read more about it in our Privacy Policy. Please agree to the use of cookies to proceed. Alternatively, you may disable cookies in your browser at any time.

You have declined cookies. This decision can be reversed.

You have allowed cookies to be placed on your computer. This decision can be reversed.