On the week of July 15th, researcher Juha-Matti Tilli disclosed a vulnerability in the Linux kernel to the kernel maintainers, the National Cyber Security Center - Finland (NCSC-FI), CERT Coordination Center (CERT/CC), and Akamai. The vulnerability, CVE-2018-5391, is a resource exhaustion attack triggered by a specially crafted stream of IP datagrams that cause expensive processing within the Linux kernel. This vulnerability is similar to the Linux TCP vulnerability announced August, 6th, 2018.

In preparation for the public disclosure of the vulnerability, Akamai prepared and began deploying patches for its network. Simultaneously, Akamai has been working with external parties to ensure the fix was sufficient to protect its network and customers. Akamai continues to work closely with the vulnerability coordinators at NCSC-FI and CERT/CC to aid the vulnerability disclosure, testing, and notification processes.

Impact on our Network

Shortly after notification of the vulnerability, we began the process of patching our systems, starting with the most critical of our services and continuing on to the rest of our network. Currently, all critical services are patched and we are working to complete the patching on the few remaining systems that could be impacted.

How to protect yourself

We recommend updating your operating system as soon as patches are available. Patches are expected to start appearing in normal distribution channels today, August 14th, with other vendors providing updates as they become available. Keep an eye out for CVE-2018-5391 listed in the release notes of your distribution.

Akamai thanks Juha-Matti Tilli for his efforts in working with our security team and other organizations involved to make it possible to quickly respond to this vulnerability.