oss-sec mailing list archives
Re: Linux TCP implementation vulnerable to Denial of Service (CVE 2018-5390)
From: Dave Horsfall <dave () horsfall org>
Date: Fri, 10 Aug 2018 09:29:05 +1000 (EST)
On Thu, 9 Aug 2018, Stiepan wrote:
Could you please provide some more details on the issue? About the same period, our secure e-mail provider suffered an unprecedented DDoS with some e-mail messages never reaching us.
Would this be the well-known TCP re-assembly bug? Send lots of small packets (say out of order), and the CPU spends most of its time in glueing them back together.
-- Dave
Current thread:
- Re: Linux TCP implementation vulnerable to Denial of Service (CVE 2018-5390), (continued)
- Re: Linux TCP implementation vulnerable to Denial of Service (CVE 2018-5390) Stiepan (Aug 09)
- RE: Linux TCP implementation vulnerable to Denial of Service (CVE 2018-5390) Reinis Rozitis (Aug 09)
- Re: Linux TCP implementation vulnerable to Denial of Service (CVE 2018-5390) Solar Designer (Aug 09)
- Re: Linux TCP implementation vulnerable to Denial of Service (CVE 2018-5390) Stiepan (Aug 09)
- Re: Linux TCP implementation vulnerable to Denial of Service (CVE 2018-5390) David T. (Aug 09)
- Re: Linux TCP implementation vulnerable to Denial of Service (CVE 2018-5390) Solar Designer (Aug 09)
- Re: Linux TCP implementation vulnerable to Denial of Service (CVE 2018-5390) Kurt H Maier (Aug 09)
- Re: Linux TCP implementation vulnerable to Denial of Service (CVE 2018-5390) Solar Designer (Aug 09)
- Re: Linux TCP implementation vulnerable to Denial of Service (CVE 2018-5390) Stiepan (Aug 09)
- Re: Linux TCP implementation vulnerable to Denial of Service (CVE 2018-5390) Stiepan (Aug 09)
- Re: Linux TCP implementation vulnerable to Denial of Service (CVE 2018-5390) Matthew Garrett (Aug 09)