TCP SACK flaws in Linux and FreeBSD

TCP SACK flaws in Linux and FreeBSD

On June 17, 2019, Netflix researchers announced three vulnerabilities that have been discovered in the FreeBSD and Linux kernels. The vulnerabilities gives attackers the possibility to induce a denial-of-service by clogging network I/O on affected systems. This attack will result in a system crash of the server or instance.

Since the announcement, our engineers have been mapping out the impact of these vulnerabilities and have taken several measures to protect the Fuga Cloud services. Yesterday we have implemented a fix so that the systems of Fuga Cloud are no longer vulnerable for this attack.

Despite that the systems of Fuga Cloud are now well protected it is still possible that instance of customers can be affected by this vulnerability. For maximum security, we asked all our customers to make sure that the kernel of their instances are up-to-date. We have described here how you can upgrade the kernel of your instance to the latest version. In addition to this article on, we have also informed our customers by e-mail.

For more information about this vulnerabilities, please read this article.

Was this article helpful?

Next article:

Intel's Microarchitectural Data Sampling (MDS) Vulnerability

Yesterday evening, Intel issued a statement about multiple vulnerabilities in Intel CPUs. This concerns vulnerabilities that fall under Microarchitectural Data Sampling (MDS) (also known as ZombieLoad, RIDL and Fallout). Since the announcement of this news, our engineers have been mapping out the measures that need to be taken to minimize the impact on Fuga Cloud services. We also closely follow the updates from Intel in order to provide maximum protection for the platform and your environment.

Improved performance and more features


Start NOW! More information