Updated:06:32 PM EDT Oct 22


this is ggmania.com subsite New vulnerabilities may let hackers remotely SACK Linux - TechAmok

TOP STORIES

HEADLINES

Greta Thunberg sings Swedish Death Metal
2 Hands 2 Drawings at the same Time - DP Truong
Naruto Running in Area 51
App vs website
Experiment: Coca Cola and Mentos Under Water
Wi-Fi 6 Launches Today As 802.11ax
How Close Are We to Immortality?
20 MOST EMBARRASSING MOMENTS IN SPORTS
7 Best Xbox Emulators For Your PC
Kodi 18.4 released
The Rise And Fall Of The Headphone Jack
Windows 10 20H1 major improvements revealed
Slipknot - Gun Cover!
10-Second Video Of A Mom Embarrassing Her Daughter
Lock Picker Bypasses Popular Security System With $2 Device
NVIDIA Issues Warning to Upgrade Drivers Due to Security Patches
20 Awesome Tricks with WD-40
Slipknot - Solway Firth [OFFICIAL VIDEO]

LG Brings G8X ThinQ with Dual Screen to US
Slipknot - Psychosocial in 25 styles
Xiaomi Launches Mi Surface Display Gaming Monitors
NVIDIA Releases GeForce 440.97 WHQL Game Ready Drivers
NVIDIA GeForce GTX 1660 SUPER launches October 29th
Microsoft Pushes Intel 'Haswell' Microcode Update to Harden
This 'Invisibility Cloak' Technology Is Mind-Boggling
Tourist In Iceland Ignores "Don't Walk On The Ice" Signs
Windows 10 v1903 and 1909 CPU requirements
Intel Could Unveil First Discrete 10 nm GPUs in mid-2020
Get Observer and Alan Wake's American Nightmare for free
Patrick Day: Boxer dies in hospital four days after suffering brain
No shots Dr. Vet man! I am fierce! Ok, one shot... But I didn't
THE ROOM Official Trailer (2019) Olga Kurylenko, Mystery, Sci-Fi
PCI-Express Gen 6.0 Specification to Finalize by 2021
Data for a whopping 26M stolen payment cards leaked in hack of fraud
BLONDE GIRL HILARIOUS ROLLER COASTER REACTION!!
Sexpot Survey: Those Blonde Bombshells Of The '50s & '60s

New vulnerabilities may let hackers remotely SACK Linux - [security]
06:09 PM EDT - Jun,18 2019 - post a comment

The Linux and FreeBSD operating systems contain newly discovered vulnerabilities that make it easy for hackers to remotely crash servers and disrupt communications, researchers have warned. OS distributors are advising users to install patches when available or to make system settings that lower the chances of successful exploits. The most severe of the vulnerabilities, dubbed SACK Panic, can be exploited by sending a specially crafted sequence of TCP Selective ACKnowledgements to a vulnerable computer or server. The system will respond by crashing, or in the parlance of engineers, entering a kernel panic. Successful exploitation of this vulnerability, tracked as CVE-2019-11477, results in a remote denial of service (DoS). A second vulnerability also works by sending a series of malicious SACKs that consumes computing resources of the vulnerable system. Exploits most commonly work by fragmenting a queue reserved for retransmitting TCP packets. In some OS versions, attackers can cause what's known as an "expensive linked-list walk for subsequent SACKs." This can result in additional fragmentation, which has been dubbed "SACK slowness." Exploitation of this vulnerability, tracked as CVE-2019-11478, drastically degrades system performance and may eventually cause a complete DoS. Both of these vulnerabilities exploit the way the OSes handle the above-mentioned TCP Selective ACKnowledgement (abbreviated SACK). SACK is a mechanism that allows a computer on the receiving end of a communication to apprise the sender of what segments have been successfully sent so that any lost ones can be resent. The parties set up the use of SACK during the three-way handshake that establishes the initial connection. The exploits work by overflowing a queue that stores received packets. A vulnerability in FreeBSD 12 (tracked as CVE-2019-5599) works similarly to CVE-2019-11478 but instead interacts with the RACK send map of that OS. A fourth vulnerability, tracked as CVE-2019-11479, can slow down affected systems by lowering the maximum segment size for a TCP connection. The setting causes vulnerable systems to send responses across multiple TCP segments, each of which contains only 8 bytes of data. Exploits cause the system to consume large amounts of bandwidth and resources in a way that degrades system performance. Maximum segment size is a setting contained in the header of a TCP packet that specifies the total amount of data contained in a reconstructed segment.

The vulnerabilities were discovered by researchers from Netflix and publicly reported Monday in a disclosure that was coordinated with the affected OS developers. Linux distributions have either released patches that fix the vulnerabilities or have recommended configuration changes that mitigate them. Workarounds include blocking connections with a low MSS, disabling SACK processing, or temporarily disabling the RACK TCP stack. These changes may break legitimate connections, and in the case of the RACK TCP stack being disabled, an attacker still may be able to cause an expensive linked-list walk for subsequent SACKs received for the same TCP connection.

The above-linked Netflix disclosure and this post from security firm Tenable are good places to get additional details. Affected OS users should consult with the developers of their distribution. Redhat has a good write-up here, and write-ups from Ubuntu and Amazon are here and here.


Short overview of recent news articles

Oct,15 2019 Bombshell Trailer #1 (2019)
Oct,15 2019 Frozen II International Trailer #1 (2019)
Oct,15 2019 Streaming Game Services Launching
Oct,15 2019 Google Pixel 4 Uses RADAR to Read Hand Gestures
Oct,15 2019 You can now play 2500 MS-DOS games in your browser for free
Oct,14 2019 What if We Nuke a City?
Oct,14 2019 Nvidia's GeForce Now streaming service is now available for Android
Oct,12 2019 Girl Gets Head Stuck In Pumpkin!!
Oct,12 2019 Low-flying helicopter wrecks VIP podium at Indonesian army parade
Oct,10 2019 Nubia Red Magic 3S Offers Gaming Specs for $479
Oct,10 2019 Microsoft won't fix an important security flaw in Windows 10 Mobile
Oct,09 2019 Adobe Pulls the Plug on Venezuela
Oct,08 2019 What's inside a Tesla Engine?
Oct,08 2019 PlayStation Remote Play Available for Android
Oct,08 2019 PlayStation 5 officially launches Holiday 2020
Oct,07 2019 Modern Warfare launch gameplay trailer
Oct,07 2019 AMD Radeon Software Adrenalin 2019 Edition 19.10.1 drivers
Oct,07 2019 AMD officially announces Radeon RX 5500
Oct,07 2019 Star Trek: Picard - NYCC Trailer
Oct,06 2019 This cat is ready for spooky season
Oct,05 2019 MacBook Air - Can't Believe How Poorly The Cooling System Is
Oct,05 2019 No, Vitamin C won't cure your cold
Oct,05 2019 Baby One More Time - Piano Cover - Britney Spears
Oct,05 2019 ENDGAME BUT IN 7 DIFFERENT GENRES
Oct,04 2019 Asus ROG Phone II for Non-Gamers
>> News Archive <<

TechAmok - Privacy Policy        loading time:0.01secs