oss-sec mailing list archives
Re: CVE-2018-5391: Linux kernel: IP fragments with random offsets allow a remote denial of service (FragmentSmack)
From: "David T." <davidmthomsen () gmail com>
Date: Tue, 14 Aug 2018 17:09:38 -0400
Is this the same as "SegmentSmack" that came out last week, CVE-2018-5390? Or, what is the difference?

On Tue, Aug 14, 2018 at 16:31 Vladis Dronov <vdronov () redhat com> wrote:

> Hello,
>
> A flaw named FragmentSmack was found in the way the Linux kernel handled reassembly of fragmented IPv4 and IPv6 packets. A remote attacker could use this flaw to trigger time and calculation expensive fragment reassembly algorithms by sending specially crafted packets which could lead to a CPU saturation and hence a denial of service on the system.
>
> External References:
>
> https://www.kb.cert.org/vuls/id/641765
> https://access.redhat.com/articles/3553061
> https://bugzilla.redhat.com/show_bug.cgi?id=1609664
>
> Best regards,
> Vladis Dronov | Red Hat, Inc. | Product Security Engineer

--
Very respectfully,
David M Thomsen