Welcome!
Important information
-- Spectre and Meltdown vulnerabilities
-- Change in MX sources

News
-- MX Linux on social media: here
-- Mepis support still here

Current releases
-- MX-17.1 Final release info here
-- antiX-17 release info here

New users
-- Please read this first, and don't forget to add system and hardware information to posts!
-- Here are the Forum Rules

Batten down the ports: Linux networking bug SegmentSmack could remotely crash systems

Post Reply
Message
Author
User avatar
colin_b
Forum Regular
Forum Regular
Posts: 421
Joined: Sun Mar 19, 2017 7:21 pm

Batten down the ports: Linux networking bug SegmentSmack could remotely crash systems

#1 Post by colin_b » Wed Aug 08, 2018 12:08 pm

https://www.theregister.co.uk/2018/08/07/segmentsmack/
A networking flaw has been discovered in the Linux kernel that could trigger a remote denial-of-service attack.

Versions 4.9 and up are "vulnerable to denial-of-service conditions with low rates of specially crafted packets", according to a US-CERT advisory this week. The bug is being tracked as SegmentSmack (CVE-2018-5390).

SegmentSmack – which sounds a bit like an American wrestler whose speciality is to close bouts just before an ad break – has prompted fixes for a wide variety of networking kit.

The flaw could be worse – there's no remote code execution – but it's an issue because hackers may be able to remotely tie up or crash vulnerable systems provided they are configured with an open port. Firewalls are a sufficient defence here.

Fortunately patches are already available to address the vulnerability from a long list of networking, security, storage and open-source OS vendors.

Post Reply

Return to “Software / Configuration”