Rechercher
Contactez-nous Suivez-nous sur Twitter En francais English Language
 

Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

Vigil@ance: Linux kernel, denial of service via RTO

March 2010 by Vigil@nce

SYNTHESIS OF THE VULNERABILITY

When a Linux 2.6.32.x system proposes a TCP service, an attacker
can force an error in the computation of the RTO (Retransmission
Timeout), which overloads the system.

Severity: 2/4

Consequences: denial of service of computer

Provenance: internet client

Means of attack: 1 attack

Ability of attacker: technician (2/4)

Confidence: confirmed by the editor (5/5)

Diffusion of the vulnerable configuration: high (3/3)

Creation date: 23/02/2010

IMPACTED PRODUCTS

 Linux kernel

DESCRIPTION OF THE VULNERABILITY

Since kernel version 2.6.32, the RTO (Retransmission Timeout)
computation method changed. This timeout is computed from:
 information in the TCP Timestamp option
 the transit duration of first bytes

However, if the system did not receive a TCP Timestamp option nor
data bytes, the RTO is null. When an error occurs, the system thus
tries to re-emits its packets in a loop which consumes resources.

When a Linux 2.6.32.x system proposes a TCP service, an attacker
can therefore force an error in the computation of the RTO
(Retransmission Timeout), which overloads the system.

CHARACTERISTICS

Identifiers: BID-38355, VIGILANCE-VUL-9465

http://vigilance.fr/vulnerability/Linux-kernel-denial-of-service-via-RTO-9465


See previous articles

    

See next articles


Your podcast Here

New, you can have your Podcast here. Contact us for more information ask:
Marc Brami
Phone: +33 1 40 92 05 55
Mail: ipsimp@free.fr

All new podcasts