Nexusguard Blog
Cybersecurity best practices and DDoS defence strategies
Latest Stories
Featured Stories
Blog Home
A vulnerability known as “SegmentSmack” was recently discovered in Linux kernels of versions 4.9 or later. An attacker can exploit this vulnerability by remotely sending specially crafted TCP packets to prompt resource-intensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() via open ports, causing CPU saturation and ultimately achieving a denial-of-service (DoS) effect.
It is confirmed that all Nexusguard services are not affected by the vulnerability. We are also working with our vendors on the patching of a few non-critical systems they supply. We recommend customers running affected Linux kernels to apply the patches from the following links:
https://lkml.org/lkml/2018/7/28/40 (Linux 4.9.116)
https://lkml.org/lkml/2018/7/28/44 (Linux 4.17.11)
Email Subscription
Thank You!
We will get back to you shortly.
Popular Stories
Little droplets form roaring ocean
Jan 03, 2019
2019 Will Be an Eventful Period for Cybersecurity
Jun 22, 2018
Can “clean pipe” really clean dirty traffic?
Jul 17, 2018
Popular Tags
DDoS Cybersecurity DDoS Protection Cyber Attack Amplification Attack Communications Service Provider Memcached Attack Botnet DNS Attack Malware Vulnerabilities DNS Amplification Financial Sector IoT Protest Ransom SSDP Satori Banking and Finance Big Data Analytics Bitcoin Blackhat Blackhole Class-C Clean Pipe Cloud service provider DDoS Threat Report DNSSEC Data Privacy Data Protection Domain Hijack Fatal Blow HTML5 ISP Lethal Problems Meltdown Mirai Multi-vector attack Mumsnet Nepel Network Breach Nexusguard Partner Program Origin Protection Patch Pentagon Pentester Potential Problem Infrastructures Practitioner RCE Vulnerability Replay Attacks SegmentSmack Shellshock Smart City Security Spectre TCP SYN flood Torshammer Trojan Turkish General Election Ukrainian Presidential Election Wordpress World Cup big bill cleanpipe cloud cloud service providers government internet of things smokescreen telegram zero-day attack
A vulnerability known as “SegmentSmack” was recently discovered in Linux kernels of versions 4.9 or later. An attacker can exploit this vulnerability by remotely sending specially crafted TCP packets to prompt resource-intensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() via open ports, causing CPU saturation and ultimately achieving a denial-of-service (DoS) effect.
Comments Form: