What is SACK Panic and what does Combell do about it?
Nowadays, every new bug gets a cool name instead of a boring number, and the same goes for the recent discoveries made by Netflix researchers. They have found several issues in the kernels of the Linux and FreeBSD operating systems, and one of them, known as ‘SACK Panic’, seems to be the main source of concern. This is a bug in the implementation of TCP, a core Internet protocol used worldwide.
Combell constantly monitors the security of your server and hosting package and therefore takes action. More details can be found in this blog post.
What is the problem?
The problem is that with the recently discovered bug, a remote attacker could trigger a ‘kernel panic’, which is similar to the legendary blue screen (BSOD) in Windows. After such a kernel panic, the system will either completely crash or reboot. Since Combell is also using the Linux operating system, action must be taken.
Those who are tech-savvy will find more in-depth technical information about the problem here.
What do we do about it?
Since the news came out, some updates have already been made available, but updates and patches for specific elements of our infrastructure are still being developed. We need to update every layer of our infrastructure, because patching only some layers would make little sense and would still leave risks. In our lab, we have been testing the updates already at our disposal since this morning in order to fully understand their impact on our systems.
All the infrastructure that needs to be patched has already been identified, which means that we will be able to proceed swiftly as soon as we have all the updates available. We expect this to be the case in the coming days.
As soon as we have all the updates, we will start rolling out the patches on the underlying structure. For customers using the Combell Cloud, this will involve a quick reboot of the server. If updates have to be installed within the server itself, we will roll them out within the agreed maintenance window, after extensive testing.
As is customary with Combell, we take immediate action and, thanks to the unique layout of our infrastructure, we are able to roll out updates very quickly. Be sure to follow this blog post, as we will post updates here as soon as we have them.
UPDATE: Any possible threat was eliminated within 24 hours
We implemented the necessary measures within 24 hours to mitigate the impact of this bug. These measures make it impossible for malicious individuals to exploit this vulnerability. Our customers were protected in no time, which is why this bug has not caused them any damage.