Articles & Reviews
News Archive
Forums
Premium
Contact
Categories

Computers Display Drivers Graphics Cards Linux Gaming Memory Motherboards Processors Software Storage Operating Systems Peripherals

"SegmentSmack" Linux Network Bug Could Lead To Remote Denial of Service

Written by Michael Larabel in Linux Kernel on 7 August 2018 at 12:36 PM EDT. 3 Comments

LINUX KERNEL

The latest high profile Linux kernel vulnerability has been dubbed "SegmentSmack" and could result in a remote denial of service attack.

With the Linux 4.9 and newer, the kernel can be forced to make expensive calls for every incoming network packet that in turn can lead to the denial of service. Any malicious actor would just need to send specially modified packets within ongoing TCP sessions and implies an open port on the system for attacking. Also lessening the likelihood of attack is the need for having a two-way TCP session.

CVE-2018-5390 / SegmentSmack will obviously require a kernel fix to address this networking code vulnerability but as of writing has not yet reached its way to the mainline kernel.

More details on the SegmentSmack vulnerability can be found via the Red Hat security advisory.

3 Comments

Related News

Linux 6.9-rc5 Released: The Diffstat "Looks A Bit Wonky" But Not Bad

Linux 6.9-rc5 Picking Up Fixes For Intel FRED, BHI & GFNI/VAES Checks

Linux 6.10 Preps A Kernel Panic Screen - Sort Of A "Blue Screen of Death"

Linus Torvalds Injects Tabs To Thwart Kconfig Parsers Not Correctly Handling Them

Linux 6.9-rc4 Brings More Bcachefs Fixes, Native BHI Mitigation

Linux 6.10 To Account For NUMA Node When Allocating Per-CPU Cpumasks

About The Author

Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week

Rust-Written LAVD Kernel Scheduler Shows Promising Results For Linux Gaming

Former Nouveau Lead Developer Joins NVIDIA, Continues Working On Open-Source Driver

Fedora Linux 40 Cleared For Release Next Week

AMD: "Additional Parts Of The Radeon Stack To Be Open Sourced Throughout The Year"

Mozilla Finally Begins Offering Firefox ARM64 Linux Binaries

Ubuntu 24.04 Supports Easy Installation Of OpenZFS Root File-System With Encryption

openSUSE Factory Achieves Bit-By-Bit Reproducible Builds

Linux 6.10 Preps A Kernel Panic Screen - Sort Of A "Blue Screen of Death"