That BUG_ON is a full up kernel panic? That's a pretty severe issue if so. | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		jandrese on June 17, 2019 \| parent \| context \| favorite \| on: SACK Panic – Multiple TCP-based remote denial-of-s... That BUG_ON is a full up kernel panic? That's a pretty severe issue if so.

Twirrim on June 17, 2019 | [–]

Yes. In all seriousness, this is a "drop everything and patch" situation, as soon as the patches are available.

It's a little bit more involved than a ping of death, but still, relatively easy to exploit.

jandrese on June 17, 2019 | | [–]

Seems like anybody with an open TCP port and SACK enabled (the default) is vulnerable.

wademealing on June 18, 2019 | | | [–]

and Generic Segment offloading.

dsp on June 17, 2019 | [–]

Yes.

https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.gi...

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact