Called SegmentSmack (CVE-2018-5390), the flaw could be considerably worse. There is no remote code execution, for example. However it is a problem because hackers could possibly remotely flood resources or crash systems that are at risk – provided the SysAdmin has left an open port. A decent firewall will defend against the vulnerability.
As usual with Linux, patches are already out to fix the problem from most major networking, storage, security and OS vendors.
Does this impact the enterprise?
Fortunately, almost every enterprise deployment of Linux is not yet running the 4.9 kernel so are not impacted by the flaw. However, patching and checking firewall ports are locked down is recommended.
There is no proof of concept exploit in the wild for the flaw and patches are issued.
So lots of engineers are going to be busy this morning patching everything they can.
(Remember, when you choose a managed hosting company like Hyve, all patches will be taken care of for you, so your IT resource can concentrate on other tasks).