Three related flaws have been found in the Linux kernel’s handling of TCP networking. Let’s take a look at what this means and what you can do about it. What is the vulnerability? The flaws were found in the Linux kernel’s handling of TCP Selective Acknowledgement (SACK) packets, handling with low Maximum Segment Size (MSS). The issues have been assigned multiple CVEs: CVE-2019-11477 is considered an Important severity, whereas CVE-2019-11478 and CVE-2019-11479 are considered a Moderate severity. The most severe vulnerability could allow a remote attacker to trigger a SACK PANIC in systems running the affected software. This causes a huge drop in network efficiency and, as a result, impacts…