[Cerowrt-devel] sack panic CVEs
Dave Taht
dave.taht at gmail.com
Tue Jun 18 17:23:19 EDT 2019
Apparently people are exploiting this in the wild.
https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md
CeroWrt - if anyone is still running it, does have a web server that
might be vulnerable, same for the ssh port. openwrt as well, well...
*Anybody* with an exposed tcp server of just about any sort on freebsd
or linux seems vulnerable to the first bug, which causes a kernel
panic.
Ironically I had been pushing over on ecn-sane to experiment with
lowering the MSS to keep signal strength up in highly congested
scenarios. Apparently,
someone found another use for the idea.
There is an iptables workaround,, documented here:
https://forum.openwrt.org/t/sack-panic-multiple-tcp-based-remote-denial-of-service-vulnerabilities/39028/7
I remember the "ping O death" which cost me christmas in the early
90s. I've been watching the patches to the kernel land and wishing I
was somewhere else.
--
Dave Täht
CTO, TekLibre, LLC
http://www.teklibre.com
Tel: 1-831-205-9740
More information about the Cerowrt-devel
mailing list