Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 10 Aug 2018 09:29:05 +1000 (EST)
From: Dave Horsfall <dave@...sfall.org>
To: oss-security@...ts.openwall.com
Subject: Re: Linux TCP implementation vulnerable to Denial of
 Service (CVE 2018-5390)

On Thu, 9 Aug 2018, Stiepan wrote:

> Could you please provide some more details on the issue? About the same 
> period, our secure e-mail provider suffered an unprecedented DDoS with 
> some e-mail messages never reaching us.

Would this be the well-known TCP re-assembly bug?  Send lots of small 
packets (say out of order), and the CPU spends most of its time in glueing 
them back together.

-- Dave

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ