Advisory: Support Portal Maintenance. Login is currently unavailable, more info available here.
Three related flaws were found in the Linux kernel’s handling of TCP Selective Acknowledgement (SACK) packets handling with low MSS size. These have been assigned the following CVEs: CVE-2019-11477 is considered an Important severity while CVE-2019-11478 and CVE-2019-11479 are considered a Moderate severity.
The following article outlines the details of the TCP SACK PANIC and how it impacts Sophos products.
TCP SACK PANIC kernel vulnerability fix released plan has been updated. Kindly check this link: