On 04/10/16 18:04, pasiit wrote:

> check if your system is affect by running command "cat
> /proc/sys/net/ipv4/tcp_challenge_ack_limit".
> If the file is there and the value is 100 or less. Then follow the
> workaround to fix the vulnerable.
> 1) Open the config file with: sudoedit /etc/sysctl.conf
> 2) Insert the line net.ipv4.tcp_challenge_ack_limit = 999999999 into the
> file and save it
> 3) Run sudo sysctl -p to update the configuration

As noted at https://www.suse.com/security/cve/CVE-2016-5696.html (which
I posted earlier in this thread) SUSE have now released updated packages
for some currently supported versions of SUSE products affected by this
issue with more in QA.

SUSE Knowledge Partner

If you find this post helpful and are logged into the web interface,
please show your appreciation and click on the star below. Thanks.