oss-sec mailing list archives

Re: Linux TCP implementation vulnerable to Denial of Service (CVE 2018-5390)

From: Dave Horsfall <dave () horsfall org>
Date: Fri, 10 Aug 2018 09:29:05 +1000 (EST)

On Thu, 9 Aug 2018, Stiepan wrote:

Could you please provide some more details on the issue? About the sameperiod, our secure e-mail provider suffered an unprecedented DDoS withsome e-mail messages never reaching us.

Would this be the well-known TCP re-assembly bug? Send lots of smallpackets (say out of order), and the CPU spends most of its time in glueingthem back together.


-- Dave

Current thread:

Re: Linux TCP implementation vulnerable to Denial of Service (CVE 2018-5390), (continued)
- Re: Linux TCP implementation vulnerable to Denial of Service (CVE 2018-5390) Stiepan (Aug 09)
  - RE: Linux TCP implementation vulnerable to Denial of Service (CVE 2018-5390) Reinis Rozitis (Aug 09)
  - Re: Linux TCP implementation vulnerable to Denial of Service (CVE 2018-5390) Solar Designer (Aug 09)
    - Re: Linux TCP implementation vulnerable to Denial of Service (CVE 2018-5390) Stiepan (Aug 09)
    - Re: Linux TCP implementation vulnerable to Denial of Service (CVE 2018-5390) David T. (Aug 09)
    - Re: Linux TCP implementation vulnerable to Denial of Service (CVE 2018-5390) Solar Designer (Aug 09)
    - Re: Linux TCP implementation vulnerable to Denial of Service (CVE 2018-5390) Kurt H Maier (Aug 09)
    - Re: Linux TCP implementation vulnerable to Denial of Service (CVE 2018-5390) Solar Designer (Aug 09)
    - Re: Linux TCP implementation vulnerable to Denial of Service (CVE 2018-5390) Stiepan (Aug 09)
    - Re: Linux TCP implementation vulnerable to Denial of Service (CVE 2018-5390) Matthew Garrett (Aug 09)
  - Re: Linux TCP implementation vulnerable to Denial of Service (CVE 2018-5390) Dave Horsfall (Aug 09)
  - Re: Linux TCP implementation vulnerable to Denial of Service (CVE 2018-5390) Amos Jeffries (Aug 09)