On the week of July 15th researcher Juha-Matti Tilli disclosed a vulnerability he discovered in the Linux kernel to the kernel maintainers, the National Cyber Security Center - Finland (NCSC-FI), CERT Coordination Center (CERT/CC), and Akamai. The vulnerability, CVE-2018-5390, is a resource exhaustion attack triggered by a specially crafted stream of TCP segments which creates expensive processing within the Linux kernel.
In preparation for the public disclosure of the vulnerability, Akamai prepared and began deploying patches for its network. Simultaneously, Akamai has been working with external parties to ensure that the solution works, verifying that the fix was sufficient to protect its network and customers. Akamai continues to work closely with the vulnerability coordinators at NCSC-FI and CERT/CC to aid the vulnerability disclosure, testing and notification processes.
This issue impacts nearly all current Linux systems, while versions of the Linux kernel release 4.9 or later being the most susceptible. Release version 4.8 and older, while still impacted, require more malicious traffic to exhibit the same level of resource exhaustion.
