[dang]

That seems to have a bit more information, so we switched to it from https://www.openwall.com/lists/oss-security/2019/06/17/5. Thanks!

[loeg]

https://github.com/Netflix/security-bulletins/blob/master/ad... is the advisory by the party that discovered the issue. (Disclosure: I have met Jonathan Looney and know some of the Netflix engineering staff, but I don't work for Netflix.)

[caf]

This mentions FreeBSD impacts as well which the RedHat link doesn't.

[trasz]

For FreeBSD only the RACK stack seems to be affected - that's an alternative TCP/IP stack, not the default one.

[ilkkao]

The original link includes links to the patches. Fascinating how the SACK MSS problem seems to be a relatively simple situation nobody realized can occur.

[jandrese]

You'd have to dig pretty deep to realize that the kernel structure is limited to just 17 entries, and then do the math with minimum packet sizes vs. header sizes.