Yepeng Pan

**Name of the Vulnerable Software and Affected Versions** Webmin versions prior to 2.202 Virtualmin versions prior to 7.20.2 **Description** The issue is related to a network traffic loop via spoofed UDP packets on port 10000, which can cause a denial of service. This problem is associated with an unreachable condition exit cycle. The vulnerability is being actively exploited and can allow a remote attacker to cause a denial of service. **Recommendations** For Webmin versions prior to 2.202, update to version 2.202 or later. For Virtualmin versions prior to 7.20.2, update to version 7.20.2 or later.

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.2 Description: The issue is related to the Linux kernel's handling of ACK packets in TCP connections. Specifically, the kernel would accept ACK packets with acknowledgment numbers that acknowledge data never sent by the server. This could potentially allow an attacker to exploit the vulnerability. The patch for this issue makes the ACK check more stringent, only accepting ACKs that are within a specific range. This refinement improves TCP security at a little cost. Recommendations: To resolve this issue, update the Linux kernel to version 4.2 or later. If updating is not possible, consider applying the patch manually or using a workaround provided by the Linux community. As a temporary workaround, consider disabling the affected TCP connections or restricting access to the vulnerable kernel until a patch is available.