Linux Kernel TCP implementation vulnerable to Denial of Service

This issue impacts nearly all current Linux systems, with versions of the Linux kernel release 4.9 or later being the most susceptible. Release versions 4.8 and older, while still impacted, require more malicious traffic to exhibit the same level of resource exhaustion.

Feedback from the TO team on patching the kernel is highly sought/appreciated.

According to the mailing list, the fix is included in kernel version 4.4.146.
It will be part of Turris OS 3.10.4. We’d like to release an RC soon. In the meantime, @miska updated the kernel to 4.4.146 in the nightly branch 16 hours ago.

See this commit: