A networking flaw has been discovered in the Linux kernel that could trigger a remote denial-of-service attack.
Versions 4.9 and up are "vulnerable to denial-of-service conditions with low rates of specially crafted packets", according to a US-CERT advisory this week. The bug is being tracked as SegmentSmack (CVE-2018-5390).
SegmentSmack – which sounds a bit like an American wrestler whose speciality is to close bouts just before an ad break – has prompted fixes for a wide variety of networking kit.
The flaw could be worse – there's no remote code execution – but it's an issue because hackers may be able to remotely tie up or crash vulnerable systems provided they are configured with an open port. Firewalls are a sufficient defence here.
Fortunately patches are already available to address the vulnerability from a long list of networking, security, storage and open-source OS vendors.
-- Information on torrent hosting changes
-- Information on MX15/16 GPG Keys
-- Spectre and Meltdown vulnerabilities
-- Introducing our new Website
-- MX Linux on social media: here
-- MX-18.1 Point Release release info here
-- Migration Information to MX-18 here
-- antiX-17.4 release info here
-- Please read this first, and don't forget to add system and hardware information to posts!
-- Here are the Forum Rules
1 post • Page 1 of 1