FreeBSD TCP Reassembly Denial of Service VulnerabilityAugust 20, 2018 pm31 11:23 pm

A vulnerability in the TCP reassembly algorithm used by FreeBSD could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on a targeted system.

The vulnerability exists because one of the data structures used by the affected software uses an inefficient algorithm to reassemble TCP segments. An attacker could exploit this vulnerability by sending TCP packets that submit malicious input to the targeted system. A successful exploit could cause excessive CPU resources to be utilized by the system, resulting in a DoS condition.

The FreeBSD Project has confirmed the vulnerability and released software patches.

Security Impact Rating: High

CVE: CVE-2018-6922

%d bloggers like this: