Veracode Vulnerability Database: VERACODE:13130
History: Jan 15, 2019 - 9:26 a.m.

Denial Of Service (DoS)

sca.analysiscenter.veracode.com
EPSS: 0.783
Percentile: 98.3%

The Linux kernel is vulnerable to denial of service. A flaw named SegmentSmack was found in the way the Linux kernel handled specially crafted TCP packets. A remote attacker could use this flaw to trigger time- and computation-expensive calls to the tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() functions by sending malicious packets within ongoing TCP sessions, which could lead to CPU saturation and consequently a denial of service on the system. Maintaining the denial of service condition requires continuous two-way TCP sessions to a reachable open port, so the attack cannot be performed using spoofed IP addresses.
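
A monitoring check for the CPU-saturation condition described above, added here as an example and not taken from the Veracode record or the kernel project: it compares two /proc/net/netstat snapshots and reports the per-second growth of the TcpExt counters the kernel increments when it prunes or collapses TCP receive queues. The thresholds, the function names and the two snapshots are constructed assumptions.

```python
"""Flag sustained TCP receive-queue prune/collapse activity from two
/proc/net/netstat snapshots. Thresholds and snapshots are constructed."""

# Assumed per-second alert thresholds; tune against your own baseline.
THRESHOLDS = {"PruneCalled": 50, "OfoPruned": 10, "TCPRcvCollapsed": 1000}

# Constructed snapshots, trimmed to a few TcpExt columns, taken 10 s apart.
SNAP_T0 = """\
TcpExt: PruneCalled RcvPruned OfoPruned TCPRcvCollapsed TCPOFOQueue
TcpExt: 12 0 3 40 1500
IpExt: InOctets OutOctets
IpExt: 1000 2000
"""
SNAP_T1 = """\
TcpExt: PruneCalled RcvPruned OfoPruned TCPRcvCollapsed TCPOFOQueue
TcpExt: 5012 0 2603 90040 61500
IpExt: InOctets OutOctets
IpExt: 9000 4000
"""

def parse_netstat(text):
    """Parse /proc/net/netstat: every group is a line of counter names
    followed by a line of values, both prefixed with 'Group:'."""
    rows = [line.split() for line in text.splitlines() if line.strip()]
    stats = {}
    for names, values in zip(rows[0::2], rows[1::2]):
        if names[0] != values[0] or len(names) != len(values):
            raise ValueError(f"malformed netstat group {names[0]!r}")
        stats[names[0].rstrip(":")] = dict(zip(names[1:], map(int, values[1:])))
    return stats

def ofo_pressure(before, after, interval_s, thresholds=THRESHOLDS):
    """Return {counter: rate_per_second} for counters above threshold."""
    old, new = parse_netstat(before)["TcpExt"], parse_netstat(after)["TcpExt"]
    alerts = {}
    for name, limit in thresholds.items():
        if name not in old or name not in new:
            continue  # counter not exported by this kernel
        delta = new[name] - old[name]
        if delta < 0:
            continue  # counters went backwards (reboot or namespace change)
        if delta / interval_s > limit:
            alerts[name] = delta / interval_s
    return alerts

if __name__ == "__main__":
    for name, rate in ofo_pressure(SNAP_T0, SNAP_T1, 10).items():
        print(f"ALERT {name}: {rate:.0f}/s")
```

On a live host the two snapshots would be successive reads of /proc/net/netstat; a high rate alone is not proof of an attack, since lossy links and small receive buffers also move these counters.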
