Linux kernel versions 4.9+ are vulnerable to Denial of Service attacks due to a resource exhaustion vulnerability. The issue is being tracked via CVE-2018-5390. The vulnerability has been named SegmentSmack. An attacker can exploit this bug by triggering expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue(). The attacker needs to send crafted TCP packets within already established TCP … Continue reading “SegmentSmack: CVE-2018-5390”