Re: Linux TCP implementation vulnerable to Denial of Service (CVE 2018-5390)

[Stiepan <stie@itk.swiss>]

Hi,

Could you please provide some more details on the issue? About the same period, our secure e-mail provider suffered an 
unprecedented DDoS with some e-mail messages never reaching us.
Since this has business impact, we consider legal action against the opaque Linux-distros 
vulnerability-disclosure-among-friends-for-fun-and-profit scheme, that we exposed at the ITU earlier this year. This is 
digital divide in the works, with real impact for non-club-members.

Regards,
Stiepan A. Kovac
President
itk AVtobvS SARL

Envoyé depuis ProtonMail mobile

-------- Message d'origine --------
On 8 août 2018 à 17:44, Matthew Garrett a écrit :

> CVE 2018-5390 is a remotely exploitable denial of service against Linux
> systems. It was patched in the public kernel tree on the 2018-07-23 and
> publicly disclosed on 2018-08-06. A public tweet linking to the commit was
> made on 2018-07-23, so awareness of the issue may have been high before
> official disclosure. All Linux distributions should now have released
> patches for the affected releases.