
Trending CVEs for the Week of June 17th, 2019


CVE-2019-11477 – SACK Panic

The remote command execution flaw in Exim is still trending on social media, and we covered CVE-2019-10149 extensively in our June 10th blog post. This week, we will talk about CVE-2019-11477, which is the runner-up in the list. This vulnerability was discovered by Jonathan Looney, who is an engineering manager at Netflix.

Description

CVE-2019-11477, known as “SACK Panic”, affects the Linux kernel’s TCP Selective Acknowledgement (SACK) capabilities.

Affected Platforms

Linux 6, 6.5, 6.6, 7, 7.2, 7.3, 7.4, 7.5, 8 platforms; kernel & kernel-rt packages.

You can find the full list here.

Exploitation and Risk

Successful exploitation of this vulnerability will result in a denial of service (DoS) on affected systems.

Fixes

Netflix provided patches and mitigations for CVE-2019-11477.

They can be found here.

