<img alt="" src="https://secure.leadforensics.com/89462.png" style="display:none;">

Nexusguard Blog

Cybersecurity best practices and DDoS defence strategies

Latest Stories

Nexusguard Product Nexusguard Product
Aug 14, 2018

DDoS Vulnerability Alert: Linux Kernel (ver 4.9+) (CVE-2018-5390)

Nexusguard Research Nexusguard Research
Aug 07, 2018

Is your network immune to DDoS attacks?

Nexusguard Research Nexusguard Research
Jul 31, 2018

Satori Demonstrates Attackers’ Continued Drive for Zero-Day Exploits

Featured Stories

Blog Home
Nexusguard Product
By
August 14, 2018

DDoS Vulnerability Alert: Linux Kernel (ver 4.9+) (CVE-2018-5390)

  DDoS Vulnerabilities CVE-2018-5390 Patch Linux Kernel SegmentSmack

A vulnerability known as “SegmentSmack” was recently discovered in Linux kernels of versions 4.9 or later. An attacker can exploit this vulnerability by remotely sending specially crafted TCP packets to prompt resource-intensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() via open ports, causing CPU saturation and ultimately achieving a denial-of-service (DoS) effect.

 

It is confirmed that all Nexusguard services are not affected by the vulnerability. We are also working with our vendors on the patching of a few non-critical systems they supply. We recommend customers running affected Linux kernels to apply the patches from the following links:

 

https://lkml.org/lkml/2018/7/28/40 (Linux 4.9.116)

https://lkml.org/lkml/2018/7/28/44 (Linux 4.17.11)

Popular Stories

DDoS Attacks Now Last Longer And Have Become More Complex Feb 22, 2018
To the uninitiated, the threat of memcached attacks can indeed be daunting Mar 09, 2018
Mitigating the record-setting Memcached DDoS attacks Mar 02, 2018

Popular Tags

DDoS Cyber Attack Cybersecurity Amplification Attack DDoS Mitigation Malware Memcached Attack Vulnerabilities Botnet DDoS Protection IoT Ransom Satori 4Chan Anarchy Attack Target Banking and Finance Bash Big Data Analytics Bitcoin Blackhat CSP CVE-2018-5390 Class-C Clean Pipe DDoS Simulation Platform Data Privacy Data Protection Device Limitations Fatal Blow Financial Sector Forecast G20 Summit GDPR ISP Lethal Problems Linux Kernel Meltdown Mirai Multi-vector attack Mumsnet Network Breach Nexusguard Partner Program Origin Protection Patch Pentagon Potential Problem Infrastructures RCE Vulnerability Replay Attacks SSDP SegmentSmack Shellshock Spectre TCP SYN flood Torshammer Trojan Turkish General Election Ukrainian Presidential Election Wordpress World Cup zero-day attack

A vulnerability known as “SegmentSmack” was recently discovered in Linux kernels of versions 4.9 or later. An attacker can exploit this vulnerability by remotely sending specially crafted TCP packets to prompt resource-intensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() via open ports, causing CPU saturation and ultimately achieving a denial-of-service (DoS) effect.

Comments Form:

Related articles

Is your network immune to DDoS attacks?

Satori Demonstrates Attackers’ Continued Drive for Zero-Day Exploits

DDoS Attacks Rampant in Financial Sector