
List:       oss-security
Subject:    Re: [oss-security] CVE-2018-5391: Linux kernel: IP fragments with random offsets allow a remote deni
From:       Marcus Meissner <meissner () suse ! de>
Date:       2018-08-15 10:06:54
Message-ID: 20180815100654.vr67od6epctljw7v () suse ! de

Hi,

no.

SegmentSmack affects TCP segments,
FragmentSmack affects IP fragments (lower protocol level).

Ciao, Marcus
On Tue, Aug 14, 2018 at 05:09:38PM -0400, David T. wrote:
> Is this the same as "SegmentSmack" that came out last week, CVE-2018-5390?
> Or, what is the difference?
> 
> On Tue, Aug 14, 2018 at 16:31 Vladis Dronov <vdronov@redhat.com> wrote:
> 
> > Hello,
> > 
> > A flaw named FragmentSmack was found in the way the Linux kernel handled
> > reassembly of fragmented IPv4 and IPv6 packets. A remote attacker could
> > use this flaw to trigger time and calculation expensive fragment reassembly
> > algorithms by sending specially crafted packets which could lead to a CPU
> > saturation and hence a denial of service on the system.
> > 
> > External References:
> > 
> > https://www.kb.cert.org/vuls/id/641765
> > 
> > https://access.redhat.com/articles/3553061
> > 
> > https://bugzilla.redhat.com/show_bug.cgi?id=1609664
> > 
> > Best regards,
> > Vladis Dronov | Red Hat, Inc. | Product Security Engineer
> > 
> -- 
> Very respectfully,
> 
> David M Thomsen

-- 
Marcus Meissner,SUSE LINUX GmbH; Maxfeldstrasse 5; D-90409 Nuernberg; Zi. 3.1-33,+49-911-740 53-432,,serv=loki,mail=wotan,type=real <meissner@suse.de>
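
Added example, not part of the thread and not kernel code: a detection-side sketch in Python that separates IPv4 fragments (the layer FragmentSmack concerns) from whole datagrams and flags reassembly queues that are long, never complete and arrive mostly out of order. The function names, both thresholds and the sample packets (documentation address ranges) are assumptions made for illustration; IPv6 is not covered.

```python
import struct
from collections import defaultdict

def parse_ipv4(pkt):
    """Return the fields IPv4 reassembly keys on, or None if malformed."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4:
        return None
    ihl = (pkt[0] & 0x0F) * 4
    total_len, ident, flags_off = struct.unpack_from("!HHH", pkt, 2)
    if ihl < 20 or total_len < ihl:
        return None
    return {"key": (pkt[12:16], pkt[16:20], pkt[9], ident),  # src, dst, proto, id
            "mf": bool(flags_off & 0x2000),                   # More Fragments bit
            "start": (flags_off & 0x1FFF) * 8,                # offset is in 8-byte units
            "end": (flags_off & 0x1FFF) * 8 + total_len - ihl}

def suspicious_queues(packets, min_frags=8, max_jump_ratio=0.5):
    """Flag reassembly queues that are long, incomplete and mostly out of order.
    Both thresholds are assumptions for illustration, not tuned values."""
    queues = defaultdict(list)
    for pkt in packets:
        f = parse_ipv4(pkt)
        if f and (f["mf"] or f["start"]):   # a fragment, not a whole datagram
            queues[f["key"]].append(f)
    flagged = []
    for key, frags in queues.items():
        if len(frags) < min_frags:
            continue
        jumps = sum(b["start"] != a["end"] for a, b in zip(frags, frags[1:]))
        covered, holes = 0, False
        for f in sorted(frags, key=lambda f: f["start"]):
            holes = holes or f["start"] > covered
            covered = max(covered, f["end"])
        complete = not holes and any(not f["mf"] for f in frags)
        if not complete and jumps / (len(frags) - 1) > max_jump_ratio:
            flagged.append(key)
    return flagged

def make_fragment(src, dst, ident, start, mf, size):
    """Constructed sample input: a 20-byte IPv4 header plus zeroed payload."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + size, ident,
                      (0x2000 if mf else 0) | (start // 8), 64, 17, 0,
                      bytes(src), bytes(dst))
    return hdr + bytes(size)
SERVER, PEER_A, PEER_B = (192, 0, 2, 1), (198, 51, 100, 7), (203, 0, 113, 9)
# Constructed traffic: one ordered, complete datagram and one scattered queue.
ORDERED = [make_fragment(PEER_B, SERVER, 1, i * 1000, i < 9, 1000) for i in range(10)]
SCATTERED = [make_fragment(PEER_A, SERVER, 0x1234, off, True, 8)
             for off in (4000, 160, 7200, 2400, 64, 5600, 800, 3200, 6400, 1600)]
```

Calling `suspicious_queues(ORDERED + SCATTERED)` returns only the key of the scattered queue; the ordered ten-fragment datagram reassembles cleanly and is not reported.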

