• Thursday, June 20, 2019

-- This message is only if you have a dedicated linux server or a cloud linux server. --

A vulnerability targeting the networking stack in linux servers running kernel 2.6.29 or newer has been discovered that allows for Networking denial-of-service of varying severity, leveraging TCP "Selective Acknowlegment" (SACK).

Because the vulnerability requires absolutely no authentication, it could be used to deny networking indefinitely to any linux server using an unpatched kernel released in the last 10 years.

Due to the ease of exploitation, and the impact of exploitation, we have patched and rebooted all affected, fully-managed hosts.

You can read more about the exploit (and patches mitigating it), here: https://www.openwall.com/lists/oss-security/2019/06/17/5 and here https://access.redhat.com/security/vulnerabilities/tcpsack

If you have an unmanaged server, please refer to the links above to pacth your server.