linux kernel vulnerability 4.9+



  • https://www.kb.cert.org/vuls/id/962459
    Got this in an email blast from US CERT this morning.



  • Vulnerability Note VU#962459
    Linux Kernel TCP implementation vulnerable to Denial of Service
    Original Release date: 06 Aug 2018 | Last revised: 06 Aug 2018

    The Linux kernel, versions 4.9+, is vulnerable to denial of service conditions with low rates of specially modified packets.

    Description
    CWE-400: Uncontrolled Resource Consumption ('Resource Exhaustion') - CVE-2018-5390

    Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service. An attacker can induce a denial of service condition by sending specially modified packets within ongoing TCP sessions. Maintaining the denial of service condition requires continuous two-way TCP sessions to a reachable open port. Thus, the attacks cannot be performed using spoofed IP addresses.

    Impact
    An remote attacker may be able to trigger a denial-of-service condition against a system with an available open port.

    Solution
    Apply a patch
    Patches for the Linux kernel are available to address the vulnerability.



  • So not too bad a vulnerability. And it's already been patched. That's good.



  • @coliver said in linux kernel vulnerability 4.9+:

    So not too bad a vulnerability. And it's already been patched. That's good.

    It is bad. What good is a server that's isn't providing a service? It may as well be turned off.

    Patched already is great.



  • @obsolesce said in linux kernel vulnerability 4.9+:

    @coliver said in linux kernel vulnerability 4.9+:

    So not too bad a vulnerability. And it's already been patched. That's good.

    It is bad. What good is a server that's isn't providing a service? It may as well be turned off.

    Patched already is great.

    It could be giving up secure and privileged information... at least with this one you know there is an issue.


Log in to reply