Category: VyOS Platform Blog | security
CVE-2019-11477 (TCP SACK panic) and an Intel i40e driver issue
Recently discovered vulnerability in the Linux kernel's TCP selective acknowledgement processing code potentially allows a remote attacker to cause a kernel pan...
The "operator" level is proved insecure and will be removed in the next releases
The operator level in VyOS is a legacy feature that was inherited from the forked Vyatta Core code. It was always relatively obscure, and I don't think anyone r...
CVE-2015-5366, 1.1.6 maintenance release, and the new public key
1.1.6 maintenance release is available for download from the primary server (mirrors are still syncing up).