Home / Linux / Two Linux bugs let remote attackers knock out network devices with low-traffic attacks – CSO

Two Linux bugs let remote attackers knock out network devices with low-traffic attacks – CSO

Linux distributions have flagged patches for two bugs in the Linux kernel that could allow remote attackers to trigger a denial of service (DoS) on machine. 

Ubuntu, RedHat and other maintainers of Linux operating systems are releasing patches for the the bugs. One is called “FragmentSmack” since the DoS can be triggered by the way the Linux kernel reassembles fragmented Internet Protocol version 4 (IPv4) and IPv6 packets. 

The US CERT Coordination Center posted an alert about the security issue, tagged with the ID CVE-2018-5391, and notes the issue affects versions 3.9 and above of the Linux kernel.   

The kernel bug allows an attacker to send a low rate of specially crafted IP packet fragments that can trigger excessive RAM consumption that ultimately saturates the CPU and knocks, making the system unavailable.    

It’s possible that many network, computer and mobile vendors are affected and follows the recent discovery of another related kernel bug that RedHat called SegmentSmack, which allowed an attacker to cause a DoS using a low rate of TCP packets.  

Loading...

>> Source Link

Check Also

Google Play Store serves up $0.99 movie rentals, cut-price games

Google has already hopped aboard the Black Friday bandwagon with recent hardware discounts. But what …

%d bloggers like this: