oss-sec mailing list archives
CVE-2018-5391: Linux kernel: IP fragments with random offsets allow a remote denial of service (FragmentSmack)
From: Vladis Dronov <vdronov () redhat com>
Date: Tue, 14 Aug 2018 16:30:51 -0400 (EDT)
Hello,

A flaw named FragmentSmack was found in the way the Linux kernel handled reassembly of fragmented IPv4 and IPv6 packets. A remote attacker could use this flaw to trigger time and calculation expensive fragment reassembly algorithms by sending specially crafted packets which could lead to a CPU saturation and hence a denial of service on the system.

External References:

https://www.kb.cert.org/vuls/id/641765
https://access.redhat.com/articles/3553061
https://bugzilla.redhat.com/show_bug.cgi?id=1609664

Best regards,
Vladis Dronov | Red Hat, Inc. | Product Security Engineer
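A defensive check for the condition described in the advisory above, as an added example that is not part of the original post or of any vendor tooling: it compares two snapshots of the kernel's reassembly counters from /proc/net/snmp and /proc/net/snmp6 and flags a high fragment arrival rate with almost no completed reassemblies. The function names, thresholds and abbreviated sample counter text are assumptions constructed for illustration.

```python
# Added example: sample counter text and thresholds are constructed assumptions.
# The samples are abbreviated; real files carry more fields, parsed the same way.
_HDR = "Ip: Forwarding DefaultTTL InReceives ReasmTimeout ReasmReqds ReasmOKs ReasmFails\n"
SNMP_T0 = _HDR + "Ip: 2 64 1000 0 40 20 0\n"
SNMP_T1 = _HDR + "Ip: 2 64 91000 300 90040 22 300\n"   # 10 s later, fragment flood
SNMP6_T0 = "Ip6InReceives 500\nIp6ReasmReqds 10\nIp6ReasmOKs 5\nIp6ReasmFails 0\n"
SNMP6_T1 = "Ip6InReceives 900\nIp6ReasmReqds 210\nIp6ReasmOKs 85\nIp6ReasmFails 0\n"


def parse_snmp_ip(text):
    """Parse the 'Ip:' header line and value line of /proc/net/snmp into a dict."""
    rows = [line.split() for line in text.splitlines() if line.startswith("Ip:")]
    if len(rows) != 2 or len(rows[0]) != len(rows[1]):
        raise ValueError("expected one Ip: header line and one Ip: value line")
    return {name: int(value) for name, value in zip(rows[0][1:], rows[1][1:])}


def parse_snmp6(text):
    """Parse /proc/net/snmp6 ('Name value' per line); keep the Ip6Reasm* counters,
    renamed to the IPv4 field names so both families share one check."""
    counters = {}
    for line in text.splitlines():
        parts = line.split()
        if len(parts) == 2 and parts[0].startswith("Ip6Reasm"):
            counters[parts[0][3:]] = int(parts[1])
    return counters


def reassembly_pressure(before, after, seconds, min_rate=1000.0, max_ok_ratio=0.05):
    """Compare two counter snapshots taken `seconds` apart.

    Heuristic (assumption): many fragments queued for reassembly per second while
    almost none complete suggests fragments that never form a whole datagram.
    """
    if seconds <= 0:
        raise ValueError("seconds must be positive")
    reqds = after["ReasmReqds"] - before["ReasmReqds"]
    oks = after["ReasmOKs"] - before["ReasmOKs"]
    if reqds < 0 or oks < 0:
        raise ValueError("counters went backwards (reset or wrap); resample")
    rate = reqds / seconds
    ok_ratio = oks / reqds if reqds else 1.0
    return {"frag_rate": rate, "ok_ratio": ok_ratio,
            "fails": after["ReasmFails"] - before["ReasmFails"],
            "suspicious": rate >= min_rate and ok_ratio <= max_ok_ratio}


if __name__ == "__main__":
    print("IPv4", reassembly_pressure(parse_snmp_ip(SNMP_T0), parse_snmp_ip(SNMP_T1), 10))
    print("IPv6", reassembly_pressure(parse_snmp6(SNMP6_T0), parse_snmp6(SNMP6_T1), 10))
```

On a live host the two text inputs would be read from /proc/net/snmp and /proc/net/snmp6 at a fixed interval, with the thresholds tuned to the host's normal fragment volume.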