|
New vulnerabilities may let hackers remotely SACK Linux - TechAmok
New vulnerabilities may let hackers remotely SACK Linux - [security] 06:09 PM EDT - Jun,18 2019 - post a comment The Linux and FreeBSD operating systems contain newly discovered vulnerabilities that make it easy for hackers to remotely crash servers and disrupt communications, researchers have warned. OS distributors are advising users to install patches when available or to make system settings that lower the chances of successful exploits.
The most severe of the vulnerabilities, dubbed SACK Panic, can be exploited by sending a specially crafted sequence of TCP Selective ACKnowledgements to a vulnerable computer or server. The system will respond by crashing, or in the parlance of engineers, entering a kernel panic. Successful exploitation of this vulnerability, tracked as CVE-2019-11477, results in a remote denial of service (DoS).
A second vulnerability also works by sending a series of malicious SACKs that consumes computing resources of the vulnerable system. Exploits most commonly work by fragmenting a queue reserved for retransmitting TCP packets. In some OS versions, attackers can cause what's known as an "expensive linked-list walk for subsequent SACKs." This can result in additional fragmentation, which has been dubbed "SACK slowness." Exploitation of this vulnerability, tracked as CVE-2019-11478, drastically degrades system performance and may eventually cause a complete DoS.
Both of these vulnerabilities exploit the way the OSes handle the above-mentioned TCP Selective ACKnowledgement (abbreviated SACK). SACK is a mechanism that allows a computer on the receiving end of a communication to apprise the sender of what segments have been successfully sent so that any lost ones can be resent. The parties set up the use of SACK during the three-way handshake that establishes the initial connection. The exploits work by overflowing a queue that stores received packets.
A vulnerability in FreeBSD 12 (tracked as CVE-2019-5599) works similarly to CVE-2019-11478 but instead interacts with the RACK send map of that OS.
A fourth vulnerability, tracked as CVE-2019-11479, can slow down affected systems by lowering the maximum segment size for a TCP connection. The setting causes vulnerable systems to send responses across multiple TCP segments, each of which contains only 8 bytes of data. Exploits cause the system to consume large amounts of bandwidth and resources in a way that degrades system performance. Maximum segment size is a setting contained in the header of a TCP packet that specifies the total amount of data contained in a reconstructed segment.
The vulnerabilities were discovered by researchers from Netflix and publicly reported Monday in a disclosure that was coordinated with the affected OS developers. Linux distributions have either released patches that fix the vulnerabilities or have recommended configuration changes that mitigate them. Workarounds include blocking connections with a low MSS, disabling SACK processing, or temporarily disabling the RACK TCP stack. These changes may break legitimate connections, and in the case of the RACK TCP stack being disabled, an attacker still may be able to cause an expensive linked-list walk for subsequent SACKs received for the same TCP connection.
The above-linked Netflix disclosure and this post from security firm Tenable are good places to get additional details. Affected OS users should consult with the developers of their distribution. Redhat has a good write-up here, and write-ups from Ubuntu and Amazon are here and here. |
|
Short overview of recent news articles |
Ballerina - Exclusive John Wick Deleted Scene (2025) Keanu Reeves, (Jul,03 2025 ) Call of Duty: WWII - Remote Code Execution Warning (PC Game Pass) (Jul,03 2025 ) 1014HP Lamborghini REVUELTO 369KMH TOP SPEED POV on AUTOBAHN (Jul,02 2025 ) Nvidia Drivers (V 576.80 vs V 576.88) - Test In 12 Games - RTX 4060 (Jul,01 2025 ) AMD Adrenalin 25.6.3 Driver Is Available (Jun,30 2025 ) NVIDIA GeForce RTX 5080 SUPER Could Feature 24 GB Memory, Increased (Jun,30 2025 ) Guess What Nvidia Did THIS Time (Jun,29 2025 ) The 10 Best Dinosaur Movies of All Time (Jun,28 2025 ) Microsoft officially confirms that Windows 11 version 25H2 is coming (Jun,28 2025 ) Eddington - Official Trailer 2 (2025) Joaquin Phoenix, Pedro Pascal (Jun,26 2025 ) Microsoft Say System Restore Points Now Expire After 60 Days (Jun,25 2025 ) Facebook, Netflix, and Microsoft Websites Hijacked to Insert Fake (Jun,25 2025 ) I put a $3000 GPU in my Average PC... It Was a Mistake (Jun,24 2025 ) Best External SSD for Mac 2025: After Weeks of Testing, Here's What (Jun,24 2025 ) Mostly boob jokes this week (RTX 5090 DD) - Tech News June 22 (Jun,23 2025 ) Superman - Official 30 Second Spot (2025) (Jun,21 2025 ) 'The fastest road car I've ever been in!' - Ferrari F80 track day (Jun,21 2025 ) CPU SCAM: AMD Ryzen 9800X3D Counterfeits & Fraud (Jun,20 2025 ) 28 Years Later Review (Jun,19 2025 ) HW News - NVIDIA "N1x" CPU Leak, ASUS Xbox ROG Ally, More Intel (Jun,18 2025 ) NVIDIA GeForce 576.80 WHQL Driver (Jun,17 2025 ) The Fantastic Four: First Steps - Official 'H.E.R.B.I.E.' Teaser (Jun,16 2025 ) Huawei Maextro S800 First Look - A True BMW & Mercedes Killer? (Jun,15 2025 ) Upgrade Windows 10 to Windows 10 LTSC Without Losing Data (Jun,14 2025 ) Squid Game: Season 3 - Final Games Trailer (Jun,14 2025 ) WWDC 2025: Everything Revealed in 9 Minutes (Jun,11 2025 ) Microsoft June 2025 Patch Tuesday fixes exploited zero-day, 66 flaws (Jun,10 2025 ) This Malware BREAKS WINDOWS! (Jun,10 2025 ) Reset Forgotten Password without Any Software, without USB drive in (Jun,10 2025 ) Microsoft Will Block Unsupported Hardware For Windows 11 (Jun,08 2025 ) Memory Wars! Apple vs Ryzen - Is Unified Memory Faster than Shared (Jun,08 2025 ) Predator: Killer of Killers - Exclusive Clip (2025) (Jun,06 2025 ) Enable Deep Effect on Samsung One Ui 7 (Jun,06 2025 ) Google Kills Off PayPal in Google Wallet (Jun,05 2025 ) Samsung's Next Flagship Foldable Will be Ultra (Jun,05 2025 ) Over 40 Malicious Chrome Extensions Mimic Popular Brands to Steal (Jun,05 2025 ) The Witcher IV - Unreal Engine 5 tech demo (Jun,03 2025 ) Nintendo Switch 2 Welcome Tour trailer (Jun,02 2025 ) Stranger Things 5 | Date Announcement | Netflix (Jun,01 2025 ) RTX 5060 Review... No wonder NVIDIA tried to stop us from talking (May,31 2025 ) Samsung Galaxy Watch 8 Classic Is Here - 7 New Updates (May,30 2025 ) Biggest Windows 11 24H2 May Update in the Main Release (May,30 2025 ) How Much Money Should You Spend on a Gaming PC? (May,29 2025 ) laud Note vs Note Pin - Which AI Voice Recorder To Choose (May,29 2025 ) Samsung One UI 8.0 vs One UI 7.0 - 25+ Changes (May,29 2025 ) SECRET CODE UPDATE for Samsung Galaxy Phone to Boost Performance & (May,28 2025 ) WhatsApp is finally available on iPad (May,27 2025 ) Simple Trick To Lower CPU Temperatures (May,27 2025 ) Alma & The Wolf - Official Trailer (2025) Ethan Embry, Li Jun Li, (May,26 2025 ) Change These Browser Security Settings NOW (May,25 2025 )
>> News Archive <<
| |
|