<img alt="" src="https://secure.leadforensics.com/89462.png" style="display:none;">
UNDER ATTACK?

MX7000: A powerful, versatile 'cloud-in-a-box' DDoS mitigation solution.
Learn more

In Q1 2020, DDoS attacks rose more than 278% compared to Q1 2019 and more than 542% compared to the last quarter.
Download the report

Nexusguard Blog

Cybersecurity best practices and DDoS defence strategies

Latest Stories

Nexusguard Research Nexusguard Research
Jul 31, 2020

Could “Bypass Attacks” become the New Normal?

Nexusguard Product Nexusguard Product
Jun 17, 2020

Reaping the Benefits of DDoS Incident Handling Automation

Nexusguard Product Nexusguard Product
May 28, 2020

How to detect and mitigate Bit-and-piece DDoS attack

Featured Stories

Blog Home
Nexusguard Product
By
August 14, 2018

DDoS Vulnerability Alert: Linux Kernel (ver 4.9+) (CVE-2018-5390)

  DDoS Vulnerabilities Patch SegmentSmack

A vulnerability known as “SegmentSmack” was recently discovered in Linux kernels of versions 4.9 or later. An attacker can exploit this vulnerability by remotely sending specially crafted TCP packets to prompt resource-intensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() via open ports, causing CPU saturation and ultimately achieving a denial-of-service (DoS) effect.

 

It is confirmed that all Nexusguard services are not affected by the vulnerability. We are also working with our vendors on the patching of a few non-critical systems they supply. We recommend customers running affected Linux kernels to apply the patches from the following links:

 

https://lkml.org/lkml/2018/7/28/40 (Linux 4.9.116)

https://lkml.org/lkml/2018/7/28/44 (Linux 4.17.11)

Popular Stories

Torshammer: A Tool with Slow-rate DDoS Impact on Apache Servers Oct 22, 2014
VAPT on Static Website Aug 26, 2019
Can “clean pipe” really clean dirty traffic? Jul 17, 2018

A vulnerability known as “SegmentSmack” was recently discovered in Linux kernels of versions 4.9 or later. An attacker can exploit this vulnerability by remotely sending specially crafted TCP packets to prompt resource-intensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() via open ports, causing CPU saturation and ultimately achieving a denial-of-service (DoS) effect.


Related articles

COVID-19 pandemic causing the most significant increase in DDoS attacks ever

How Vietnam networks unwittingly expose themselves to IoT botnet exploits

Communications Service Providers (CSPs) are being brought to their knees by “Bit-and-Piece” attacks that fly under the radar

SOLUTIONS
PRODUCTS & SERVICES
PARTNERS
ACADEMY
RESOURCES
ABOUT US

© Copyright 2020. Nexuguard Limited.
All Rights Reserved. Read Our Privacy Policy.