
New vulnerability discovered by Netflix can kernel panic Linux - bifrost
https://arstechnica.com/information-technology/2019/06/new-vulnerabilities-may-let-hackers-remotely-sack-linux-and-freebsd-systems/
======
bifrost
Here's the actual Bulletin from Netflix. [https://github.com/Netflix/security-
bulletins/blob/master/ad...](https://github.com/Netflix/security-
bulletins/blob/master/advisories/third-party/2019-001.md)

The Arstechnica article misses a few points, but basically SACK is fairly
broken on Linux and inconvenient on FreeBSD only if you're using the "RACK"
TCP stack, which isn't enabled by default.

------
bifrost
Previous HN discussion of the issue here:
[https://news.ycombinator.com/item?id=20205566](https://news.ycombinator.com/item?id=20205566)

