MikroTik – Kernel Vulnerability

glitchlist Blog Leave a Comment

Linux kernel vulnerability
Netflix has identified several TCP networking vulnerabilities in the Linux kernel that is used in RouterOS.


The MikroTik company announces that the vulnerabilities traced in CVE-2019-11477, CVE-2019-11478 and CVE-2019-11479 have been solved by releasing updates for RouterOS 6.45.1 and 6.44.5.

Jonathan Looney, a security expert at Netflix, found three Linux DoS vulnerabilities, two of them related to the minimum segment size (MSS) and TCP Selective Acknowledgement (SACK) capabilities, and one related only to MSS.



The vulnerability is exploitable on all Linux Kernel version of RouterOS that are not upgraded to 6.45.1 and 6.44.5. It causes a Denial of Service event from a TCP/MSS overflow Kernel Panic.

Attack surface:

According to shodan.io:

shodan count mikrotik 

today there are 1711153 MikroTik devices on the public Internet!


for MikroTik devices upgrade to RouterOS 6.45.1 and 6.44.5
for Linux upgrade to Kernel 4.4.182, 4.9.182, 4.14.127, 4.19.52 or 5.1.11


.glitchlist crew

Leave a Reply

Your email address will not be published. Required fields are marked *