<img alt="" src="https://secure.leadforensics.com/89462.png" style="display:none;">

Nexusguard Blog

Cybersecurity best practices and DDoS defence strategies

Latest Stories

Nexusguard Product Nexusguard Product
Jan 14, 2020

Mitigating TCP SYN floods

Nexusguard Research Nexusguard Research
Jan 07, 2020

Single targets, multiple innocent victims

Nexusguard Product Nexusguard Product
Dec 25, 2019

Ready for Holidays? Web Application Firewall for Sensitive Data Security for Online Shopping

Featured Stories

Blog Home
Nexusguard Product
By
August 14, 2018

DDoS Vulnerability Alert: Linux Kernel (ver 4.9+) (CVE-2018-5390)

  DDoS Vulnerabilities Patch SegmentSmack

A vulnerability known as “SegmentSmack” was recently discovered in Linux kernels of versions 4.9 or later. An attacker can exploit this vulnerability by remotely sending specially crafted TCP packets to prompt resource-intensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() via open ports, causing CPU saturation and ultimately achieving a denial-of-service (DoS) effect.

 

It is confirmed that all Nexusguard services are not affected by the vulnerability. We are also working with our vendors on the patching of a few non-critical systems they supply. We recommend customers running affected Linux kernels to apply the patches from the following links:

 

https://lkml.org/lkml/2018/7/28/40 (Linux 4.9.116)

https://lkml.org/lkml/2018/7/28/44 (Linux 4.17.11)

Popular Stories

Little droplets form roaring ocean Jan 03, 2019
Torshammer: A Tool with Slow-rate DDoS Impact on Apache Servers Oct 22, 2014
Can “clean pipe” really clean dirty traffic? Jul 17, 2018

Popular Tags

DDoS Cybersecurity DDoS Protection Cyber Attack Communications Service Provider Amplification Attack Botnet DNS Attack Memcached Attack DDoS Threat Report DNSSEC Malware TCP SYN flood Vulnerabilities DNS Amplification Data Protection Financial Sector IoT Protest Ransom SSDP Satori Banking and Finance Big Data Analytics Bitcoin Blackhat Blackhole Class-C Clean Pipe Cloud service provider Data Privacy Domain Hijack Fatal Blow HTML5 HTTP attack ISP Lethal Problems Meltdown Mirai Multi-vector attack Mumsnet Nepel Network Breach Nexusguard Partner Program Online Retailing Origin Protection Patch Pentagon Pentester Potential Problem Infrastructures Practitioner RCE Vulnerability Replay Attacks SegmentSmack Shellshock Smart City Security South Africa Spectre TAP Torshammer Trojan Turkish General Election Ukrainian Presidential Election WAF Wordpress World Cup big bill cleanpipe cloud cloud service providers government internet of things partnership smokescreen telegram zero-day attack

A vulnerability known as “SegmentSmack” was recently discovered in Linux kernels of versions 4.9 or later. An attacker can exploit this vulnerability by remotely sending specially crafted TCP packets to prompt resource-intensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() via open ports, causing CPU saturation and ultimately achieving a denial-of-service (DoS) effect.

Comments Form:

Related articles

Mitigating TCP SYN floods

Single targets, multiple innocent victims

South Africa less than ready for DDoS attacks