SACKED - CVE-2019-11477 & CVE-2019-11478 & CVE-2019-11479

home | blog | Teh Internet | guest blog |rants | placeholder | political | projects | Gwen and Liam | Citadel patched | Tools | Scouts

- Careful Chrome users, this search box might be "Not secure"

/proc/sys/net/ipv4/tcp_sack - TCP Selective Acknowledgements. They can    
reduce retransmissions, however make servers more prone to DDoS Attacks   
and increase CPU utilization.

Uh, so what did Netflix to, read the kernel documentation?
Good advice from Suse:
Give this a shot if you find you need relief (with a trade-off):
echo 0 > /proc/sys/net/ipv4/tcp_sack