Critical Linux Kernel SegmentSmack Issue

A new vulnerability has been revealed to cause harm in Linux enabled systems.

This can effect multiple systems and devices from Routers, Servers, Workstations, IoT, Tablets, Smart phones.

The new vulnerability can be identified as: CVE Identifiers: CVE-2018-5390 

It is affecting multiple popular Linux distributions.

More information available at CERT n, please see

The vulnerability was discovered by Juha-Matti Tilli from Aalto University, Department of Communications & Networking.

Credit also goes to Nokia Bell Labs for reporting this vulnerability.

The kernel vulnerability TCP flaw can let a blackhat attacker to freeze devices with a small DoS Denial of Service attack.

The vulnerability is named SegmentSmack and gives remote blackhat attackers the possibility to knock out a system with just sending minimal amount of traffic to the target.

Linux users are being warned that the vulnerability bug persist in Linux kernel 4.9 and newer and can be exploited to cause DoS Denial of Service conditions.

SegmentSmack Linux Kernel Vulnerability

It is unknown if the vulnerability is already being exploited in the wild.

The vulnerability is that the Linux Kernel is tricked and must make very expensive connections to tcp_collapse_ofo_queue() & tcp_prune_ofo_queue() in all incoming tcp packets.

This can easily result in a Denial of Service DoS attack.

Linux centralization shows single point of vulnerability

It is still unconfirmed how many vendors are vulnerable in practical devices.

Due the centralization and wide deployment of the Linux kernel. This can show the weakness of the Linux point of view.

Large vendors vulnerable Including Amazon to Ubuntu


The Protector UTM Firewall already have IPS signatures to block this attacker across a network with vulnerable devices.