uses cookies to make interactions with the Company’s Websites easy and meaningful. When you visit one of the Company’s Websites,’s servers send a cookie to your computer. Standing alone, cookies do not personally identify you; they merely recognize your Web browser. Unless you choose to identify yourself to, either by responding to a promotional offer, opening an account, or filling out a Web form (such as a “Contact Us” or a “Free Trial” Web form), you remain anonymous to the Company. Please go to our privacy statement for details.


Trending CVEs for the Week of June 17th, 2019

CVE-2019-11477 – SACK Panic

Remote Command Execution Flaw in Exim is still trending on social media and we extensively covered CVE-2019-10149 in June 10th blog post. This week, we will talk about CVE-2019-11477 which is runner-up in the list. This vulnerability has discovered by Jonathan Looney who is engineer manager at Netflix.


CVE-2019-11477, known as “SACK Panic”, is referring to the Linux kernel’s TCP Selective Acknowledgement (SACK) capabilities.

Affected Platforms

Linux 6, 6.5, 6.6, 7, 7.2, 7.3, 7.4, 7.5, 8 platforms; kernel & kernel-rt packages.

You can find the full list here.

Exploitation and Risk

Successful exploitation of this vulnerability will result in a denial of service (DoS) on affected systems.


Netflix provided patches and mitigation for CVE-2019-11477

They can be found here.


National Vulnerability Database


Netflix Github


Schedule a Product Demo Today!

See how NopSec's end-to-end Cyber Exposure Management platform can organize your security chaos.