SegmentSmack and FragmentSmack
SegmentSmack (CVE-2018-5390) and FragmentSmack (CVE-2018-5391) potentially exploitable to trigger a DoS condition.
These vulnerabilities reside in the Linux kernel’s TCP stack. An attacker can exploit them by sending malformed TCP or IP packets to cause the cause a significant resource usage in Linux-based systems.
The saturation of resources on the vulnerable system could lead to their reboot.
Vulnerable devices:
- Linux kernel 4.9 and later are vulnerable to SegmentSmack Linux devices running Linux kernel 3.9 and later are vulnerable to FragmentSmack.
“Vendors of Linux-based SOHO routers will probably be slower in incorporating these updates. ISP-grade routers, firewall providers, cloud services, and hosting firms will also have to ship or deploy updates.”