<img alt="" src="https://secure.leadforensics.com/89462.png" style="display:none;">
UNDER ATTACK?

MX7000: A powerful, versatile 'cloud-in-a-box' DDoS mitigation solution.
Learn more

According to the Q3 2020 DDoS Threat Report, 77% of cyberattacks were targeted at online gaming companies, and attacks witnessed were largely volumetric and single vector attacks.
Download the report

Nexusguard Blog

Cybersecurity best practices and DDoS defence strategies

Latest Stories

Nexusguard Product Nexusguard Product
Dec 22, 2020

DDoS Mitigation with Flowspec

Nexusguard Product Nexusguard Product
Nov 17, 2020

Hardening Web Applications using Secure HTTP Headers

Nexusguard Product Nexusguard Product
Oct 29, 2020

Validation of HTTP/S Requests using CSRF Tokens

Featured Stories

Blog Home
Nexusguard Product
By
August 14, 2018

DDoS Vulnerability Alert: Linux Kernel (ver 4.9+) (CVE-2018-5390)

  DDoS Vulnerabilities Patch SegmentSmack

A vulnerability known as “SegmentSmack” was recently discovered in Linux kernels of versions 4.9 or later. An attacker can exploit this vulnerability by remotely sending specially crafted TCP packets to prompt resource-intensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() via open ports, causing CPU saturation and ultimately achieving a denial-of-service (DoS) effect.

 

It is confirmed that all Nexusguard services are not affected by the vulnerability. We are also working with our vendors on the patching of a few non-critical systems they supply. We recommend customers running affected Linux kernels to apply the patches from the following links:

 

https://lkml.org/lkml/2018/7/28/40 (Linux 4.9.116)

https://lkml.org/lkml/2018/7/28/44 (Linux 4.17.11)

Popular Stories

Torshammer: A Tool with Slow-rate DDoS Impact on Apache Servers Oct 22, 2014
VAPT on Static Website Aug 26, 2019
Smart Mode: DDoS Attack Detection using Machine Learning Aug 28, 2020

A vulnerability known as “SegmentSmack” was recently discovered in Linux kernels of versions 4.9 or later. An attacker can exploit this vulnerability by remotely sending specially crafted TCP packets to prompt resource-intensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() via open ports, causing CPU saturation and ultimately achieving a denial-of-service (DoS) effect.


Related articles

COVID-19 pandemic causing the most significant increase in DDoS attacks ever

How Vietnam networks unwittingly expose themselves to IoT botnet exploits

Communications Service Providers (CSPs) are being brought to their knees by “Bit-and-Piece” attacks that fly under the radar

SOLUTIONS
PRODUCTS & SERVICES
PARTNERS
ACADEMY
RESOURCES
ABOUT US

© Copyright 2021. Nexuguard Limited.
All Rights Reserved. Read Our Privacy Policy.