Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
×
Security Linux IT Technology

Linux PCs, Servers, Gadgets Can Be Crashed by 'Ping of Death' Network Packets (theregister.co.uk) 132

Artem S. Tashkinov writes: The Register reports that it is possible to crash network-facing Linux servers, PCs, smartphones and tablets, and gadgets, or slow down their network connections, by sending them a series of maliciously crafted packets. It is also possible to hamper FreeBSD machines with the same attack. Patches and mitigations are available, and can be applied by hand if needed, or you can wait for a security fix to be pushed or offered to your at-risk device. A key workaround is to set /proc/sys/net/ipv4/tcp_sack to 0. At the heart of the drama is a programming flaw dubbed SACK Panic aka CVE-2019-11477: this bug can be exploited to remotely crash systems powered by Linux kernel version 2.6.29 or higher, which was released 10 years ago.
This discussion has been archived. No new comments can be posted.

Linux PCs, Servers, Gadgets Can Be Crashed by 'Ping of Death' Network Packets

Comments Filter:
  • How does it react to OpenBSD?
    • by Anonymous Coward

      /*
      * Delete stale (i.e, cumulatively ack'd) holes. Hole is deleted only if
      * it is completely acked; otherwise, tcp_sack_option(), called from
      * tcp_dooptions(), will fix up the hole.
      */
      void
      tcp_del_sackholes(struct tcpcb *tp, struct tcphdr *th)
      {
      if (tp->sack_enable && tp->t_state != TCPS_LISTEN) { /* max because this could be an older ack just arrived */
      tcp_seq lastack = SEQ_GT(th-

      • while (...)
                        if (...) {
                        } else
                                  break;

        Ew! Pass the eye bleach! Did a Python programmer write that?

        • Not Python. Too many "unnecessary" brackets and semi colons. And wavy bracktes {} aren't used that way in Python. And the -> operator seems to be a recent and quite obscure addition to the language that most folks don't know about. https://stackoverflow.com/ques... [stackoverflow.com]

          Maybe pretty printed C or C++? Haven't looked at either for decades

    • Re: (Score:2, Informative)

      by Anonymous Coward

      No sure about OpenBSD, but the vulnerability on FreeBSD is present only if using the "Rack TCP stack", which is an optional TCP stack contributed by Netflix and is not active by default.

      So stock FreeBSD is not vulnerable, nor are the other BSDs, unless this feature has been activated. The article is misleading in this.

      I'm also confident the patches will be incorporated soon in the official tree.

    • by jmccue ( 834797 )

      It speeds it up

      I and using OpenBSD

    • Comment removed based on user account deletion
  • Can someone just make any server crash like that? Doesn't make the vulnerability critical?
  • by cyber-vandal ( 148830 ) on Monday June 17, 2019 @03:53PM (#58778002) Homepage

    Here

  • Netflix (Score:5, Informative)

    by darkain ( 749283 ) on Monday June 17, 2019 @04:23PM (#58778172) Homepage

    Actual source information. It was discovered, reported, and fixed by Netflix engineering team. https://github.com/Netflix/sec... [github.com]

  • From TFA: echo 1 > /proc/sys/net/ipv4/tcp_sack

    Anyone know the implications of this?

  • Not comparable with "others" :P
  • A little web searching finds that the way to disable this is to add this line to /etc/sysctl.conf:

    net.ipv4.tcp_sack=0

  • Unpossible. (Score:4, Funny)

    by thegarbz ( 1787294 ) on Monday June 17, 2019 @06:15PM (#58778814)

    Linux is perfect. Only Windows has an imperfect network stack so only Windows should be affected right?

  • and wants its DoS attack back.
  • Will pf's "scrub on $wan all reassemble tcp" catch this and take care of it, or does the problem happen on a lower level?

Avoid strange women and temporary variables.

Working...