PT-2018-2493 · Freebsd+1 · Freebsd+1
Juha-Matti Tilli
·
Published
2018-08-06
·
Updated
2019-10-09
·
CVE-2018-6922
CVSS v2.0
7.8
High
| Vector | AV:N/AC:L/Au:N/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
FreeBSD versions prior to 11.2-RELEASE-p1
FreeBSD versions prior to 11.1-RELEASE-p12
FreeBSD versions prior to 10.4-RELEASE-p10
Description
The issue is related to an inefficient algorithm used for TCP reassembly in the affected operating systems. This inefficiency can be exploited by a remote attacker who sends specially crafted TCP traffic, potentially leading to a denial of service by consuming excessive CPU resources and degrading network performance. The exploitation can be achieved with relatively small bandwidth cost.
Recommendations
For versions prior to 11.2-RELEASE-p1, update to 11.2-RELEASE-p1 or later.
For versions prior to 11.1-RELEASE-p12, update to 11.1-RELEASE-p12 or later.
For versions prior to 10.4-RELEASE-p10, update to 10.4-RELEASE-p10 or later.
Fix
DoS
Resource Exhaustion
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Freebsd
Ibm Aix