CVE-2018-5390: Vulnerability in Linux Kernel allows for DoS Attacks

A vulnerability has been identified in the Linux Kernel (version 4.9+) which is tracked in the CVE-2018-5390 advisory. It lists several conditions that allow criminals to modify packets leading to the coordination of DOS (Denial of service) attacks.

CVE-2018-5390 Advisory Tracks DOS Attack Linux Kernel Vulnerability

An email message, posted by Juha-Matti Tilli reported yet another security related issue in the Linux Kernel. The CVE-2018-5390 advisory is a newly published security bulletin which gives details upon a Linux Kernel vulnerability. The document shows that versions 4.9+ can be affected by specific service conditions that can lead to a DOS (Denial of Service) attacks. The exact nature of the issue is related to a modification of behaviour by the users. The kernel can be forced into making calls to two functions for every incoming packet:

  • tcp_collapse_ofo_queue() — This routine collapses an out-of-order queue whenever the memory quota for the receive queue is full to make space for the arrived data segment. This is used for buffer control.
  • tcp_prune_ofo_queue() — This is a prune function for the network packets. It is used during the queue operations.

Every incoming packet can be modified into going through these two functions. This can lead to a behaviour pattern leading to a Denial of service possibility. The attackers can induce such conditions by sending out modified packets within the ongoing TCP network sessions. The analysis shows that maintaining this state requires a continuous two-way TCP sessions via a reachable open port on the target machine. This means that the attacks can only be performed via real IP addresses, spoofed addresses cannot be used.

At the time of writing this article the device vendors have not published any patches. Once they are ready the (Read more…)

*** This is a Security Bloggers Network syndicated blog from How to, Technology and PC Security Forum | authored by Martin Beltov. Read the original post at: