Executive Summary
Summary | |
---|---|
Title | Linux and FreeBSD Kernels TCP Reassembly Denial of Service Vulnerabilities Affecting Cisco Products: August 2018 |
Informations | |||
---|---|---|---|
Name | cisco-sa-20180824-linux-tcp | First vendor Publication | 2018-08-24 |
Vendor | Cisco | Last vendor Modification | 2018-08-24 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:C) | |||
---|---|---|---|
Cvss Base Score | 7.8 | Attack Range | Network |
Cvss Impact Score | 6.9 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
On August 6, 2018, the Vulnerability Coordination team of the National Cyber Security Centre of Finland (NCSC-FI) and the CERT Coordination Center (CERT/CC) disclosed vulnerabilities in the TCP stacks that are used by the Linux and FreeBSD kernels. These vulnerabilities are publicly known as SegmentSmack. The vulnerabilities could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. An attack could be executed by using low transfer rates of TCP packets, unlike typical distributed denial of service (DDoS) attacks. The vulnerabilities are due to inefficient TCP reassembly algorithms in the TCP stacks that are used by the affected kernels. Linux Kernel Versions 4.9 and later and all supported versions of the FreeBSD kernel are known to be affected by these vulnerabilities. An attacker could exploit these vulnerabilities by sending a stream of packets that are designed to trigger the issue in an established TCP session with an affected device. A sustained DoS condition requires the attacker to maintain a continuous stream of malicious traffic. Due to the required use of an established session, an attack cannot be performed using spoofed IP addresses. This advisory will be updated as additional information becomes available. Cisco will release software updates that address these vulnerabilities. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180824-linux-tcp ["https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180824-linux-tcp"] BEGIN PGP SIGNATURE iQJ5BAEBAgBjBQJbgHzAXBxDaXNjbyBQcm9kdWN0IFNlY3VyaXR5IEluY2lkZW50 IFJlc3BvbnNlIFRlYW0gKENpc2NvIFBTSVJUIGtleSAyMDE4LTIwMTkpIDxwc2ly dEBjaXNjby5jb20+AAoJEJa12PPJBfczJSIQALiuz7qltuiwYFqDpTqOChAgV8QO vdZnyDVGJk2T0QwLrG3sw2h1/AIMV7J/Yn6s3PxspKMpADi4W5OfZWD5VDDosAGh tmh90qrzGQi8C6XNBgeYEqb53BzGDv6zTAGxHlBjVAsjdS9Rg//vBpVW8VmZwPdz 1BvFmCoTaHW01re9v9wFNfUpybXtI9lWCAA8vtj1BnOjaM5rsdtwDRFzFV8GH1SY LAu6PEhCLFuQ37MkyDF+B0FwAl2eCxBFuLzPjmd2ArJR84ob5Isawsq6lFkcET39 zpQdptXnb6A8W7tDDvGVtcUJPW5xAKC61uR+wfjXYgvjmRfdCNt9TnISJSg/g/Ko Cx9Db82gFzVJu181caD8fotyEDkHmJbAT2X/okZl/BJU063ArumwINOCbk0xqha9 ln25evjQghW2iZPD0LdugCBn/wkAy0Zzj6NKxU/cIeJ/rneZJnmrf03ha9VVUynr lH7orJp4oL53/p2o1Dlnh57FZri/zdyOl1dbJ5I2dQ8xbwc0Q3HPR/CwFKw1S+PU BQ0iNk0nqU2wRoD6dLO5LmhGdrE7UQTDvOrSYJANmN71ShL2I9kgrNn1GgGk8yHs snezBZBEMTXdsSDKVlaP/K80kxFv/0eb6fMt8ZG7m1Z8IJZ3IXc8HK2N+a9mLNGT qfZYk3H8IZxRkc6L =E7Vy END PGP SIGNATURE _______________________________________________ cust-security-announce mailing list cust-security-announce@cisco.com To unsubscribe, send the command "unsubscribe" in the subject of your message to cust-security-announce-leave@cisco.com |
Original Source
Url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco (...) |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-400 | Uncontrolled Resource Consumption ('Resource Exhaustion') |
CPE : Common Platform Enumeration
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2019-01-10 | Name : The remote device is affected by multiple vulnerabilities. File : juniper_space_jsa10917_184R1.nasl - Type : ACT_GATHER_INFO |
2018-12-14 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL95343321.nasl - Type : ACT_GATHER_INFO |
2018-12-05 | Name : The remote PhotonOS host is missing multiple security updates. File : PhotonOS_PHSA-2018-2_0-0101.nasl - Type : ACT_GATHER_INFO |
2018-11-09 | Name : The remote AIX host is missing a security patch. File : aix_IJ09625.nasl - Type : ACT_GATHER_INFO |
2018-11-09 | Name : The remote AIX host is missing a security patch. File : aix_IJ09624.nasl - Type : ACT_GATHER_INFO |
2018-11-09 | Name : The remote AIX host is missing a security patch. File : aix_IJ09623.nasl - Type : ACT_GATHER_INFO |
2018-11-09 | Name : The remote AIX host is missing a security patch. File : aix_IJ09622.nasl - Type : ACT_GATHER_INFO |
2018-11-09 | Name : The remote AIX host is missing a security patch. File : aix_IJ09621.nasl - Type : ACT_GATHER_INFO |
2018-11-09 | Name : The remote AIX host is missing a security patch. File : aix_IJ09620.nasl - Type : ACT_GATHER_INFO |
2018-11-09 | Name : The remote AIX host is missing a security patch. File : aix_IJ09619.nasl - Type : ACT_GATHER_INFO |
2018-11-09 | Name : The remote AIX host is missing a security patch. File : aix_IJ09618.nasl - Type : ACT_GATHER_INFO |
2018-10-26 | Name : The remote EulerOS Virtualization host is missing multiple security updates. File : EulerOS_SA-2018-1345.nasl - Type : ACT_GATHER_INFO |
2018-10-25 | Name : The remote EulerOS Virtualization host is missing a security update. File : EulerOS_SA-2018-1322.nasl - Type : ACT_GATHER_INFO |
2018-09-04 | Name : The remote EulerOS host is missing multiple security updates. File : EulerOS_SA-2018-1279.nasl - Type : ACT_GATHER_INFO |
2018-09-04 | Name : The remote EulerOS host is missing multiple security updates. File : EulerOS_SA-2018-1278.nasl - Type : ACT_GATHER_INFO |
2018-08-31 | Name : The remote Virtuozzo host is missing multiple security updates. File : Virtuozzo_VZA-2018-063.nasl - Type : ACT_GATHER_INFO |
2018-08-20 | Name : The remote Virtuozzo host is missing multiple security updates. File : Virtuozzo_VZA-2018-055.nasl - Type : ACT_GATHER_INFO |
2018-08-16 | Name : The remote Debian host is missing a security update. File : debian_DLA-1466.nasl - Type : ACT_GATHER_INFO |
2018-08-15 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2018-2390.nasl - Type : ACT_GATHER_INFO |
2018-08-15 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2018-2384.nasl - Type : ACT_GATHER_INFO |
2018-08-07 | Name : The remote Amazon Linux 2 host is missing a security update. File : al2_ALAS-2018-1050.nasl - Type : ACT_GATHER_INFO |
2018-08-07 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_3c2eea8c99bf11e88beea4badb2f4699.nasl - Type : ACT_GATHER_INFO |
2018-08-07 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-4266.nasl - Type : ACT_GATHER_INFO |
2018-08-07 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2018-1049.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2018-10-11 17:21:50 |
|
2018-08-25 00:19:31 |
|