Netflix has identified several TCP networking vulnerabilities in FreeBSD and Linux kernels. The most serious Linux vulnerability – dubbed “SACK Panic,” – would allow a malicious attacker to crash Linux-based systems remotely using specially crafted traffic. AWS, Ubuntu and Red Hat are among those to have issued urgent advisories.
Ubuntu Linux kernels for all major cloud environments are among those affected (i.e. linux-aws; linux-gcp; linux-azure; linux-oracle). The attack can be triggered by certain TCP Selective Acknowledgment (SACK) sequences, Netflix’s Jonathan Looney explained in a