oss-sec mailing list archives

Re: CVE-2018-5391: Linux kernel: IP fragments with random offsets allow a remote denial of service (FragmentSmack)

From: Marcus Meissner <meissner () suse de>
Date: Wed, 15 Aug 2018 12:06:54 +0200

Hi,

no.

SegmentSmack affects TCP segments,
FragmentSmack affects IP fragments (lower protocol level).

Ciao, Marcus
On Tue, Aug 14, 2018 at 05:09:38PM -0400, David T. wrote:

Is this the same as "SegmentSmack" that came out last week, CVE-2018-5390?
Or, what is the difference?

On Tue, Aug 14, 2018 at 16:31 Vladis Dronov <vdronov () redhat com> wrote:

Heololo,

A flaw named FragmentSmack was found in the way the Linux kernel handled
reassembly of fragmented IPv4 and IPv6 packets. A remote attacker could
use this flaw to trigger time and calculation expensive fragment reassembly
algorithms by sending specially crafted packets which could lead to a CPU
saturation and hence a denial of service on the system.

External References:

https://www.kb.cert.org/vuls/id/641765

https://access.redhat.com/articles/3553061

https://bugzilla.redhat.com/show_bug.cgi?id=1609664

Best regards,
Vladis Dronov | Red Hat, Inc. | Product Security Engineer

-- 
Very respectfully,

David M Thomsen


-- 
Marcus Meissner,SUSE LINUX GmbH; Maxfeldstrasse 5; D-90409 Nuernberg; Zi. 3.1-33,+49-911-740 
53-432,,serv=loki,mail=wotan,type=real <meissner () suse de>

Current thread:

CVE-2018-5391: Linux kernel: IP fragments with random offsets allow a remote denial of service (FragmentSmack) Vladis Dronov (Aug 14)
- Re: CVE-2018-5391: Linux kernel: IP fragments with random offsets allow a remote denial of service (FragmentSmack) David T. (Aug 15)
  - Re: CVE-2018-5391: Linux kernel: IP fragments with random offsets allow a remote denial of service (FragmentSmack) Marcus Meissner (Aug 15)