Dear Valued Clients

A vulnerability targeting the networking stack in linux servers running kernel 2.6.29 or newer has been discovered that allows for Networking denial-of-service of varying severity, leveraging TCP "Selective Acknowlegment" (SACK).

Because the vulnerability requires absolutely no authentication, it could be used to deny networking indefinitely to any linux server using an unpatched kernel released in the last 10 years.

Due to the ease of exploitation, and the impact of exploitation, we will be patching and rebooting all affected, fully-managed hosts overnight.

You can read more about the exploit (and patches mitigating it), here: https://www.openwall.com/lists/oss-security/2019/06/17/5 and here https://access.redhat.com/security/vulnerabilities/tcpsack

Impact of Work:
All linux shared hosting servers will be briefly rebooted over the next 2 hours.  Expected downtime on each server will be around 2-5 minutes

Your sites may not be accessible during this maintenance.

Regards,

STPWebHosting.com

 



Wednesday, June 19, 2019

« Back