US-CERT Warns of New Linux Kernel VulnerabilityUS-CERT Warns of New Linux Kernel Vulnerability
Patches now available to prevent DoS attack on Linux systems.
August 7, 2018
Denial-of-service attacks aren't just about external floods: A new US-CERT vulnerability note is a reminder that operating system kernel services can be used to effectively launch a DoS campaign against a system.
Vulnerability Note VU#962459 warns of a vulnerability in Linux kernels versions 4.9 and greater that can allow an attacker to overwhelm a network's resources with low-effort calls. With the right trigger, a Linux system can be forced to make a sequence of kernel calls for every packet – kernel calls that are hugely expensive in terms of system resources. There are limitations on the conditions, but the proof of the vulnerability exists.
Patches for the vulnerability are available for immediate application.
About the Author(s)
You May Also Like
Hacking Your Digital Identity: How Cybercriminals Can and Will Get Around Your Authentication MethodsOct 26, 2023
Modern Supply Chain Security: Integrated, Interconnected, and Context-DrivenNov 06, 2023
How to Combat the Latest Cloud Security ThreatsNov 06, 2023
Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and PhishingNov 01, 2023
SecOps & DevSecOps in the CloudNov 06, 2023