Netflix discovers SACK Panic and other Linux security flaws

A number of Linux and FreeBSD servers and systems are vulnerable to a denial of service vulnerability dubbed SACK Panic, as well as other forms of attack. A total of three security flaws were discovered by Jonathan Looney of Netflix Information Security. A series of malicious packets sent to vulnerable system is all it takes to crash or slow them down -- a remotely-triggered kernel panic. Patches and workaround have been released to help plug the holes. See also: Microsoft advises Azure customers to update Exim to avoid a Linux worm OpenMandriva Lx 4.0 Linux distro is here, and there… [Continue Reading]