[Vulnerability Warning] Linux kernel TCP SACK mechanism remote denial of service vulnerability
On June 18, 2019, Alibaba Cloud Emergency Response Center monitored a security research organization in a foreign country that revealed a flaw in the TCP SACK mechanism of the Linux kernel, which could lead to remote denial of service. The CVE numbers are CVE-2019-11477, CVE-2019-11478, and CVE-2019-11479.
The Linux kernel 2.6.29 and later versions have defects in handling the TCP SACK mechanism, resulting in integer overflow vulnerabilities. An attacker can...