Language Selection

English French German Italian Portuguese Spanish

Security: Updates, Black Hat USA 2018, SegmentSmack

Filed under
Security
  • Security updates for Tuesday
  • Top 10 Talks to See at Black Hat USA 2018
  • Batten down the ports: Linux networking bug SegmentSmack could remotely crash systems

    A networking flaw has been discovered in the Linux kernel that could trigger a remote denial-of-service attack.

    Versions 4.9 and up are "vulnerable to denial-of-service conditions with low rates of specially crafted packets", according to a US CERT ADVISORY. The bug is being tracked as SegmentSmack (CVE-2018-5390).

    SegmentSmack – which sounds a bit like an American wrestler whose speciality is to close bouts just before an ad break – has prompted fixes for a wide variety of networking kit.

  • Ubuntu and Debian Stretch Receive Linux Kernel Security Update to Fix TCP Flaw

    Canonical and Debian Project released new Linux kernel security updates for their supported operating systems to address a critical vulnerability affecting the TCP implementation.

    Discovered and reported by security researcher Juha-Matti Tilli, the security flaw (CVE-2018-5390) could allow a remote attacker to cause a denial of service on affected machines by triggering worst-case code paths in Transmission Control Protocol (TCP) stream reassembly that has low rates using malicious packets.

SegmentSmack Again

  • SegmentSmack Kernel Bug Discovered, Android 9 Pie Now Available, Google's August Security Bulletin for Android, Kernel 4.19 to Get STACKLEAK Feature and GNOME Releases Keysign 0.9.8

    Security researchers have discovered a bug in kernel 4.9 called SegmentSmack. Red Hat comments that "a remote attacker could use this flaw to trigger time and calculation expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() functions by sending specially modified packets within ongoing TCP sessions which could lead to a CPU saturation and hence a denial of service on the system". There's no known workaround other than a fixed kernel at this time. See also the story on ZDNet for more information.

  • "SegmentSmack" Linux Network Bug Could Lead To Remote Denial of Service

    The latest high profile Linux kernel vulnerability has been dubbed "SegmentSmack" and could result in a remote denial of service attack.

    With the Linux 4.9 and newer, the kernel can be forced to make expensive calls for every incoming network packet that in turn can lead to the denial of service. Any malicious actor would just need to send specially modified packets within ongoing TCP sessions and implies an open port on the system for attacking. Also lessening the likelihood of attack is the need for having a two-way TCP session.

More SegmentSmack

  • ‘SegmentSmack’ – Critical TCP Vulnerability Found In Linux 4.9 Triggers DoS Attack

    Recently, a researcher has discovered a critical TCP vulnerability in the Linux Kernel that could trigger cyber attacks. Precisely, by exploiting this flaw, any potential bad actors could trigger resource exhaustion attacks through an open port. This vulnerability, termed as ‘SegmentSmack’, primarily targets Linux 4.9 and above. Fortunately, Linux developers have released a patch for it.

  • Linux vulnerability could lead to DDoS attacks

    A Linux kernel vulnerability affecting version 4.9 and up could allow an attacker to carry out denial-of-service attacks on a system with an available open port, according to an Aug 6 security advisory from the CERT Coordination Center at Carnegie Mellon University's Software Engineering Institute.

    “Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service,” the report states. “An attacker can induce a denial of service condition by sending specially modified packets within ongoing TCP sessions.”

  • Linux vulnerability could lead to DDoS attacks

    A Linux kernel vulnerability affecting version 4.9 and up could allow an attacker to carry out denial-of-service attacks on a system with an available open port, according to an advisory.

    The CERT Coordination Center at Carnegie Mellon University's Software Engineering Institute said that patches for the vulnerability have been released.

    “Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service,” the advisory states.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

today's howtos

RaspEX Project Brings Kodi 18.1 and Linux Kernel 5.0 to Raspberry Pi 3 Model B+

Based on Debian GNU/Linux and Raspberry Pi's Raspbian operating systems, RaspEX Kodi Build 190321 is now available with the latest Kodi 18.1 "Leia" media center software featuring add-ons for watching Netflix, Amazon Prime Video, and Plex, as well as the lightweight LXDE desktop environment with VLC media player and NetworkManager. RaspEX Kodi Build 190321 is also powered by the latest and greatest Linux 5.0 kernel series, which apparently works very well with the recently launched Raspberry Pi 3 Model B+ single-board computer. However, while Raspberry Pi 3 Model B+ is recommended for RaspEX, you can also install it on a Raspberry Pi 3 Model B or the older Raspberry Pi 2 Model B. Read more

Android Leftovers

SparkyLinux Incinerates the Hassle Factor

SparkyLinux gives you an operating system that is out-of-the-box ready for use. It comes with multimedia plugins, selected sets of apps, and its own custom tools to ease different tasks. SparkyLinux is a well-thought-out Linux OS. It has straightforward controls that let you get your work done without distractions. The user interface is friendly, intuitive and efficient. SparkyLinux is a very functional Linux OS. It is a solid choice for use as an all-purpose home edition with all the tools, codecs, plugins and drivers preinstalled. You may not need the USB installation. However, if your computer runs Microsoft Windows or another Linux distro, putting SparkyLinux on a USB stick is much easier than setting up a dual boot on the hard drive or replacing whatever is running on that computer already. Read more