List: oss-security
Subject: Re: [oss-security] CVE-2018-5391: Linux kernel: IP fragments with random offsets allow a remote deni
From: Marcus Meissner <meissner () suse ! de>
Date: 2018-08-15 10:06:54
Message-ID: 20180815100654.vr67od6epctljw7v () suse ! de
Hi,
no.
SegmentSmack affects TCP segments,
FragmentSmack affects IP fragments (lower protocol level).
Ciao, Marcus
On Tue, Aug 14, 2018 at 05:09:38PM -0400, David T. wrote:
> Is this the same as "SegmentSmack" that came out last week, CVE-2018-5390?
> Or, what is the difference?
>
> On Tue, Aug 14, 2018 at 16:31 Vladis Dronov <vdronov@redhat.com> wrote:
>
> > Heololo,
> >
> > A flaw named FragmentSmack was found in the way the Linux kernel handled
> > reassembly of fragmented IPv4 and IPv6 packets. A remote attacker could
> > use this flaw to trigger time and calculation expensive fragment reassembly
> > algorithms by sending specially crafted packets which could lead to a CPU
> > saturation and hence a denial of service on the system.
> >
> > External References:
> >
> > https://www.kb.cert.org/vuls/id/641765
> >
> > https://access.redhat.com/articles/3553061
> >
> > https://bugzilla.redhat.com/show_bug.cgi?id=1609664
> >
> > Best regards,
> > Vladis Dronov | Red Hat, Inc. | Product Security Engineer
> >
> --
> Very respectfully,
>
> David M Thomsen
--
Marcus Meissner,SUSE LINUX GmbH; Maxfeldstrasse 5; D-90409 Nuernberg; Zi. 3.1-33,+49-911-740 53-432,,serv=loki,mail=wotan,type=real <meissner@suse.de>