"SegmentSmack" Linux Network Bug Could Lead To Remote Denial of Service

Written by Michael Larabel in Linux Kernel on 7 August 2018 at 12:36 PM EDT. 3 Comments
LINUX KERNEL
The latest high profile Linux kernel vulnerability has been dubbed "SegmentSmack" and could result in a remote denial of service attack.

With the Linux 4.9 and newer, the kernel can be forced to make expensive calls for every incoming network packet that in turn can lead to the denial of service. Any malicious actor would just need to send specially modified packets within ongoing TCP sessions and implies an open port on the system for attacking. Also lessening the likelihood of attack is the need for having a two-way TCP session.

CVE-2018-5390 / SegmentSmack will obviously require a kernel fix to address this networking code vulnerability but as of writing has not yet reached its way to the mainline kernel.

More details on the SegmentSmack vulnerability can be found via the Red Hat security advisory.
Related News
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week