Share with friends and colleagues on social media

Today, on August 6th 2018, researchers from FICORA have published a remote denial of service attack against Linux Servers, called “SegmentSmack” (CVE-2018-5390).

Due to inefficient programming remote attackers could use a lot of compute resources by exploiting worst-case behaviour in the TCP segment reassembly code of newer Linux Kernels, which could allow even single attackers to block network traffic processing on powerful servers.

This algorithmic inefficiency only affected Linux Kernels 4.9 and later, so only SUSE Linux Enterprise 15 was affected by this problem.

Linux Kernel updates have been published today that get rid of the worst-case behaviour and so render the atttack non-functional.

Further information can be found on our TID 7023243 and on our CVE-2018-5390 page.

Share with friends and colleagues on social media
Tags: , ,
Category: Announcements, Server, SUSE Linux Enterprise, SUSE Linux Enterprise Server
This entry was posted Monday, 6 August, 2018 at 5:00 pm
You can follow any responses to this entry via RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *

No comments yet