Date: Thu, 09 Aug 2018 07:12:27 +0000 From: Stiepan <stie@....swiss> To: oss-security@...ts.openwall.com Cc: ProtonMail Security Team <security@...tonmail.ch>, "xiaoya.yang" <xiaoya.yang@....int> Subject: Re: Linux TCP implementation vulnerable to Denial of Service (CVE 2018-5390) Hi, Could you please provide some more details on the issue? About the same period, our secure e-mail provider suffered an unprecedented DDoS with some e-mail messages never reaching us. Since this has business impact, we consider legal action against the opaque Linux-distros vulnerability-disclosure-among-friends-for-fun-and-profit scheme, that we exposed at the ITU earlier this year. This is digital divide in the works, with real impact for non-club-members. Regards, Stiepan A. Kovac President itk AVtobvS SARL Envoyé depuis ProtonMail mobile -------- Message d'origine -------- On 8 août 2018 à 17:44, Matthew Garrett a écrit : > CVE 2018-5390 is a remotely exploitable denial of service against Linux > systems. It was patched in the public kernel tree on the 2018-07-23 and > publicly disclosed on 2018-08-06. A public tweet linking to the commit was > made on 2018-07-23, so awareness of the issue may have been high before > official disclosure. All Linux distributions should now have released > patches for the affected releases.
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ