Netflix researcher has identified several TCP networking vulnerabilities in Linux kernels that could trigger a DoS condition. The most serious flaw, dubbed SACK Panic, allows a remotely-triggered kernel panic on recent Linux kernels. The flaws affect all Linux versions. Most of the issues found by Netflix were already addressed with security patches, and mitigations are also available for those systems that cannot be immediately patched. Users and administrator can mitigate the flaw by completely disabling SACK processing on the system or blocking connections with a low MSS values.”]
Source: https://securityaffairs.co/wordpress/87244/security/dos-flaws-linux-freebsd.html