Rechercher
Contactez-nous Suivez-nous sur Twitter En francais English Language
 

De la Théorie à la pratique





















Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

Vigil@nce - Linux kernel: denial of service via sfc

August 2012 by Vigil@nce

This bulletin was written by Vigil@nce : http://vigilance.fr/offer

SYNTHESIS OF THE VULNERABILITY

When the system uses a Solarflare network device, a remote attacker can use large TCP data, in order to lock the kernel.

Severity: 2/4

Creation date: 01/08/2012

IMPACTED PRODUCTS

- Linux kernel

DESCRIPTION OF THE VULNERABILITY

The TSO (TCP Segmentation Offload) feature is used to delegate the segmentation of TCP data to the network device. It is enabled by default.

The support of Solarflare network devices is implemented in the drivers/net/ethernet/sfc kernel driver. However, with DSO, and if the MSS (Maximum Segment Size) defined by the remote peer is low, the driver incorrectly computes the size of data to fragment, which indefinitely calls a watchdog.

When the system uses a Solarflare network device, a remote attacker can therefore use large TCP data, in order to lock the kernel.

ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN

http://vigilance.fr/vulnerability/L...




See previous articles

    

See next articles