6 matches found
Citrix Security Advisory for TCP/IP Reassembly Resource Exhaustion
Description of Problem Several vulnerabilities in TCP/IP reassembly commonly known as SegmentSmack and FragmentSmack have recently been disclosed. SegmentSmack is CVE-2018-5390 for Linux and CVE-2018-6922 for FreeBSD. FragmentSmack is CVE-2018-5391 for Linux and CVE-2018-6923 for FreeBSD. These...
CVE-2018-6922
creationtimestamp| type| source ---|---|--- 2018-12-31 08:32:57+00:00| seen| https://www.kyberturvallisuuskeskus.fi/fi/tcp-pinojen-haavoittuvuus...
CVE-2018-6922
One of the data structures that holds TCP segments in all versions of FreeBSD prior to 11.2-RELEASE-p1, 11.1-RELEASE-p12, and 10.4-RELEASE-p10 uses an inefficient algorithm to reassemble the data. This causes the CPU time spent on segment processing to grow linearly with the number of segments in...
CVE-2018-6922
One of the data structures that holds TCP segments in all versions of FreeBSD prior to 11.2-RELEASE-p1, 11.1-RELEASE-p12, and 10.4-RELEASE-p10 uses an inefficient algorithm to reassemble the data. This causes the CPU time spent on segment processing to grow linearly with the number of segments in...
CVE-2018-6922
CVE-2018-6922 describes a denial-of-service vulnerability in FreeBSD where an inefficient TCP reassembly algorithm causes CPU usage to scale with the reassembly queue length. A remote attacker able to send TCP traffic to a vulnerable system can degrade network performance or exhaust CPU. Affected...
FreeBSD : FreeBSD -- Resource exhaustion in TCP reassembly (3c2eea8c-99bf-11e8-8bee-a4badb2f4699)
One of the data structures that holds TCP segments uses an inefficient algorithm to reassemble the data. This causes the CPU time spent on segment processing to grow linearly with the number of segments in the reassembly queue. Impact : An attacker who has the ability to send TCP traffic to a...