Home Linux Incident Response Linux Enterprise Security Sample Memory Images Contact Published October 1, 2014; updated October 2, 2014 with CVE number. In the late 1990s and early 2000s, many operating systems were found to have flawed TCP/IP sequence number generators, and this was identified as a serious security vulnerability (see, for example, Strange Attractors and TCP/IP Sequence Number Analysis - One Year Later ). Since that time, generators have been improved, it has been assumed that the problem was dealt with, and most people stopped thinking about these kinds of vulnerabilities. However, we have identified a problem with Linux kernel, the result of which was that secret random seed values (e.g., net_secret , syncookie_secret , inet_ehash_secret , etc.) were never initialized on some systems. This would mean that values such as IP IDs, TCP sequence numbers,...