7.8 - cisco-sa-20180824-linux-tcp

On August 6, 2018, the Vulnerability Coordination team of the National Cyber Security Centre of Finland (NCSC-FI) and the CERT Coordination Center (CERT/CC) disclosed vulnerabilities in the TCP stacks that are used by the Linux and FreeBSD kernels. These vulnerabilities are publicly known as SegmentSmack.

The vulnerabilities could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. An attack could be executed by using low transfer rates of TCP packets, unlike typical distributed denial of service (DDoS) attacks.

The vulnerabilities are due to inefficient TCP reassembly algorithms in the TCP stacks that are used by the affected kernels. Linux Kernel Versions 4.9 and later and all supported versions of the FreeBSD kernel are known to be affected by these vulnerabilities.

An attacker could exploit these vulnerabilities by sending a stream of packets that are designed to trigger the issue in an established TCP session with an affected device. A sustained DoS condition requires the attacker to maintain a continuous stream of malicious traffic. Due to the required use of an established session, an attack cannot be performed using spoofed IP addresses.

This advisory will be updated as additional information becomes available.

Cisco will release software updates that address these vulnerabilities.

This advisory is available at the following link:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180824-linux-tcp ["https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180824-linux-tcp"]

BEGIN PGP SIGNATURE

iQJ5BAEBAgBjBQJbgHzAXBxDaXNjbyBQcm9kdWN0IFNlY3VyaXR5IEluY2lkZW50 IFJlc3BvbnNlIFRlYW0gKENpc2NvIFBTSVJUIGtleSAyMDE4LTIwMTkpIDxwc2ly dEBjaXNjby5jb20+AAoJEJa12PPJBfczJSIQALiuz7qltuiwYFqDpTqOChAgV8QO vdZnyDVGJk2T0QwLrG3sw2h1/AIMV7J/Yn6s3PxspKMpADi4W5OfZWD5VDDosAGh tmh90qrzGQi8C6XNBgeYEqb53BzGDv6zTAGxHlBjVAsjdS9Rg//vBpVW8VmZwPdz 1BvFmCoTaHW01re9v9wFNfUpybXtI9lWCAA8vtj1BnOjaM5rsdtwDRFzFV8GH1SY LAu6PEhCLFuQ37MkyDF+B0FwAl2eCxBFuLzPjmd2ArJR84ob5Isawsq6lFkcET39 zpQdptXnb6A8W7tDDvGVtcUJPW5xAKC61uR+wfjXYgvjmRfdCNt9TnISJSg/g/Ko Cx9Db82gFzVJu181caD8fotyEDkHmJbAT2X/okZl/BJU063ArumwINOCbk0xqha9 ln25evjQghW2iZPD0LdugCBn/wkAy0Zzj6NKxU/cIeJ/rneZJnmrf03ha9VVUynr lH7orJp4oL53/p2o1Dlnh57FZri/zdyOl1dbJ5I2dQ8xbwc0Q3HPR/CwFKw1S+PU BQ0iNk0nqU2wRoD6dLO5LmhGdrE7UQTDvOrSYJANmN71ShL2I9kgrNn1GgGk8yHs snezBZBEMTXdsSDKVlaP/K80kxFv/0eb6fMt8ZG7m1Z8IJZ3IXc8HK2N+a9mLNGT qfZYk3H8IZxRkc6L =E7Vy END PGP SIGNATURE

_______________________________________________ cust-security-announce mailing list cust-security-announce@cisco.com To unsubscribe, send the command "unsubscribe" in the subject of your message to cust-security-announce-leave@cisco.com