Linux and FreeBSD are vulnerable to several TCP-based attacks

In case you missed it: Linux and FreeBSD are vulnerable to several TCP-based attacks.

Affected are:

– CVE-2019-11477: Linux kernels 2.6.29 and above
– CVE-2019-11478: Linux kernels before 4.15
– CVE-2019-5599: FreeBSD 12 with RACK
– CVE-2019-11479: all Linux kernels so far

Check if your systems already provide security updates and update ASAP.

Some Linux distributions and companies published websites/advisories to address these vulnerabilities:

– Red Hat: https://access.redhat.com/security/vulnerabilities/tcpsack
– Debian: https://www.debian.org/security/2019/dsa-4465
– Ubuntu: https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SACKPanic
– Arch: https://security.archlinux.org/CVE-2019-11477, https://security.archlinux.org/CVE-2019-11478, https://security.archlinux.org/CVE-2019-11479
– Manjaro: https://lists.manjaro.org/pipermail/manjaro-security/2019-June/000945.html
– SUSE: https://www.suse.com/security/cve/CVE-2019-11477/, https://www.suse.com/security/cve/CVE-2019-11478/, https://www.suse.com/security/cve/CVE-2019-11479/
– Gentoo: https://bugs.gentoo.org/show_bug.cgi?id=CVE-2019-11479
– AWS: https://aws.amazon.com/security/security-bulletins/AWS-2019-005/

Add more pages to help others, thanks.