On 04/10/16 18:04, pasiit wrote:

> check if your system is affect by running command "cat
> /proc/sys/net/ipv4/tcp_challenge_ack_limit".
> If the file is there and the value is 100 or less. Then follow the
> workaround to fix the vulnerable.
>
>
> 1) Open the config file with: sudoedit /etc/sysctl.conf
> 2) Insert the line net.ipv4.tcp_challenge_ack_limit = 999999999 into the
> file and save it
> 3) Run sudo sysctl -p to update the configuration


As noted at https://www.suse.com/security/cve/CVE-2016-5696.html (which
I posted earlier in this thread) SUSE have now released updated packages
for some currently supported versions of SUSE products affected by this
issue with more in QA.

HTH.
--
Simon
SUSE Knowledge Partner

------------------------------------------------------------------------
If you find this post helpful and are logged into the web interface,
please show your appreciation and click on the star below. Thanks.
------------------------------------------------------------------------