UNDER ATTACK?
2022 1HY Report_Cover-2-1

In the first half of 2022, the total attack count and average attack size increased by 75.60% and decreased by 55.97% respectively compared to the figures recorded in the second half of 2021.  Learn More

Nexusguard Blog

Cybersecurity best practices and DDoS defence strategies

Latest Stories

Nexusguard Product Nexusguard Product
Mar 06, 2023

The Killnet Botnet: A Threat to Healthcare and Banking Sectors

Nexusguard Product Nexusguard Product
Feb 16, 2023

Protecting against SIP Flood Attacks

Nexusguard Product Nexusguard Product
Jan 31, 2023

Protecting against SSL/TLS Flood Attacks

Featured Stories

Blog Home
Nexusguard Product
By
August 14, 2018

DDoS Vulnerability Alert: Linux Kernel (ver 4.9+) (CVE-2018-5390)

  DDoS Vulnerabilities Patch SegmentSmack

A vulnerability known as “SegmentSmack” was recently discovered in Linux kernels of versions 4.9 or later. An attacker can exploit this vulnerability by remotely sending specially crafted TCP packets to prompt resource-intensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() via open ports, causing CPU saturation and ultimately achieving a denial-of-service (DoS) effect.

 

It is confirmed that all Nexusguard services are not affected by the vulnerability. We are also working with our vendors on the patching of a few non-critical systems they supply. We recommend customers running affected Linux kernels to apply the patches from the following links:

 

https://lkml.org/lkml/2018/7/28/40 (Linux 4.9.116)

https://lkml.org/lkml/2018/7/28/44 (Linux 4.17.11)

Popular Stories

VAPT on Static Website Aug 26, 2019
Torshammer: A Tool with Slow-rate DDoS Impact on Apache Servers Oct 22, 2014
Preventing Slow HTTP Attacks Nov 08, 2021

A vulnerability known as “SegmentSmack” was recently discovered in Linux kernels of versions 4.9 or later. An attacker can exploit this vulnerability by remotely sending specially crafted TCP packets to prompt resource-intensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() via open ports, causing CPU saturation and ultimately achieving a denial-of-service (DoS) effect.


Related articles

COVID-19 pandemic causing the most significant increase in DDoS attacks ever

How Vietnam networks unwittingly expose themselves to IoT botnet exploits

Communications Service Providers (CSPs) are being brought to their knees by “Bit-and-Piece” attacks that fly under the radar

SOLUTIONS
PRODUCTS & SERVICES
PARTNERS
ACADEMY
RESOURCES
ABOUT US

© 2023 Nexusguard - All Rights Reserved. Read Our Privacy Policy.