A new Linux kernel vulnerability capable of triggering a system crash has been identified by Netflix researchers. The vulnerability is linked to the way that selective acknowledgements (SACK) are processed on network connections. The attack can be initiated remotely.
Most VoIP and some UC traffic relies on connectionless network transports and is not affected by this vulnerability, however when a device uses encryption, the connections used do expose the vulnerability.
Patched and updated UM Labs products are not vulnerable.
A simple workaround to address the problem has been created, and a permanent fix is included in an updated Linux kernel. All new products shipped from UM Labs include the updated kernel, this kernel will be included in the next scheduled update. In the meantime, existing customers can request a patch which will apply the necessary update.