Critical Linux Kernel SegmentSmack IssueA new vulnerability has been revealed to cause harm in Linux enabled systems. This can effect multiple systems and devices from Routers, Servers, Workstations, IoT, Tablets, Smart phones. The new vulnerability can be identified as: CVE Identifiers: CVE-2018-5390 It is affecting multiple popular Linux distributions.More information available at CERT n, please see https://www.kb.cert.org/vuls/id/962459.
Credit also goes to Nokia Bell Labs for reporting this vulnerability. The kernel vulnerability TCP flaw can let a blackhat attacker to freeze devices with a small DoS Denial of Service attack. The vulnerability is named SegmentSmack and gives remote blackhat attackers the possibility to knock out a system with just sending minimal amount of traffic to the target. Linux users are being warned that the vulnerability bug persist in Linux kernel 4.9 and newer and can be exploited to cause DoS Denial of Service conditions. SegmentSmack Linux Kernel VulnerabilityIt is unknown if the vulnerability is already being exploited in the wild. The vulnerability is that the Linux Kernel is tricked and must make very expensive connections to tcp_collapse_ofo_queue() & tcp_prune_ofo_queue() in all incoming tcp packets. This can easily result in a Denial of Service DoS attack. Linux centralization shows single point of vulnerabilityIt is still unconfirmed how many vendors are vulnerable in practical devices. Large vendors vulnerable Including Amazon to Ubuntu
The Protector UTM Firewall already have IPS signatures to block this attacker across a network with vulnerable devices. |