UNDER ATTACK?
2022 1HY Report_Cover-2-1

In the first half of 2022, the total attack count and average attack size increased by 75.60% and decreased by 55.97% respectively compared to the figures recorded in the second half of 2021.  Learn More

Nexusguard Blog

Cybersecurity best practices and DDoS defence strategies

Latest Stories

Nexusguard Product Nexusguard Product
Jan 13, 2023

Nexusguard Report App

Nexusguard Product Nexusguard Product
Nov 30, 2022

The Impact of IoT on Cybersecurity

Nexusguard Product Nexusguard Product
Oct 31, 2022

How the Pandemic has impacted the Future of Telecommunications

Featured Stories

Blog Home
Nexusguard Product
By
August 14, 2018

DDoS Vulnerability Alert: Linux Kernel (ver 4.9+) (CVE-2018-5390)

  DDoS Vulnerabilities Patch SegmentSmack

A vulnerability known as “SegmentSmack” was recently discovered in Linux kernels of versions 4.9 or later. An attacker can exploit this vulnerability by remotely sending specially crafted TCP packets to prompt resource-intensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() via open ports, causing CPU saturation and ultimately achieving a denial-of-service (DoS) effect.

 

It is confirmed that all Nexusguard services are not affected by the vulnerability. We are also working with our vendors on the patching of a few non-critical systems they supply. We recommend customers running affected Linux kernels to apply the patches from the following links:

 

https://lkml.org/lkml/2018/7/28/40 (Linux 4.9.116)

https://lkml.org/lkml/2018/7/28/44 (Linux 4.17.11)

Popular Stories

VAPT on Static Website Aug 26, 2019
Torshammer: A Tool with Slow-rate DDoS Impact on Apache Servers Oct 22, 2014
DDoS Mitigation with Flowspec Dec 22, 2020

A vulnerability known as “SegmentSmack” was recently discovered in Linux kernels of versions 4.9 or later. An attacker can exploit this vulnerability by remotely sending specially crafted TCP packets to prompt resource-intensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() via open ports, causing CPU saturation and ultimately achieving a denial-of-service (DoS) effect.


Related articles

COVID-19 pandemic causing the most significant increase in DDoS attacks ever

How Vietnam networks unwittingly expose themselves to IoT botnet exploits

Communications Service Providers (CSPs) are being brought to their knees by “Bit-and-Piece” attacks that fly under the radar

SOLUTIONS
PRODUCTS & SERVICES
PARTNERS
ACADEMY
RESOURCES
ABOUT US

© 2023 Nexusguard - All Rights Reserved. Read Our Privacy Policy.