Denial of service in FreeBSD



Published: 2018-08-07 | Updated: 2019-07-28
Risk Medium
Patch available YES
Number of vulnerabilities 1
CVE-ID CVE-2018-6922
CWE-ID CWE-400
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe
FreeBSD
Operating systems & Components / Operating system

Vendor FreeBSD Foundation

Security Bulletin

This security bulletin contains one medium risk vulnerability.

1) Resource exhaustion

EUVDB-ID: #VU14203

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2018-6922

CWE-ID: CWE-400 - Uncontrolled Resource Consumption ('Resource Exhaustion')

Exploit availability: No

Description

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to the system uses an inefficient TCP reassembly algorithm. A remote attacker can send specially crafted packets within ongoing TCP sessions to consume excessive CPU resources and cause the service to crash.

Mitigation

As a workaround, system administrators should configure their systems to only accept TCP connections from trusted end-stations, if it is possible to do so.

For systems which must accept TCP connections from untrusted end-stations, the workaround is to limit the size of each reassembly queue. The capability to do that is added by the patches noted in the "Solution" section below.

Vulnerable software versions

FreeBSD: 5.3 - 11.1


CPE2.3 External links

http://www.freebsd.org/security/advisories/FreeBSD-SA-18:08.tcp.asc

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?



###SIDEBAR###