1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
Dismiss Notice

Welcome To SNBForums

SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.

If you'd like to post a question, simply register and have at it!

While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!

Linux PCs, Servers, Gadgets Can Be Crashed by 'Ping of Death' Network Packets

Discussion in 'General Network Security' started by microchip, Jun 18, 2019.

  1. microchip

    microchip Very Senior Member

    Joined:
    Sep 19, 2014
    Messages:
    533
    Location:
    Belgium
    https://www.theregister.co.uk/2019/06/17/linux_tcp_sack_kernel_crash/
     
  2. dave14305

    dave14305 Very Senior Member

    Joined:
    May 19, 2018
    Messages:
    872
  3. microchip

    microchip Very Senior Member

    Joined:
    Sep 19, 2014
    Messages:
    533
    Location:
    Belgium
    AFAIK, most routers are vulnerable to this. I already passed on the info to NETGEAR and they opened a security bulletin for it. No idea if/when they'll fix it and how (kernel patch or iptables rules)
     
  4. L&LD

    L&LD Part of the Furniture

    Joined:
    Dec 9, 2013
    Messages:
    9,592
  5. microchip

    microchip Very Senior Member

    Joined:
    Sep 19, 2014
    Messages:
    533
    Location:
    Belgium
    No, it's a kernel issue. You can send it specially crafted packets and it'll crash
     
    gattaca and L&LD like this.
  6. gattaca

    gattaca Regular Contributor

    Joined:
    Feb 18, 2012
    Messages:
    111
    Correct... any correctly formed frame will crash the kernels..
     
  7. ColinTaylor

    ColinTaylor Part of the Furniture

    Joined:
    Mar 31, 2014
    Messages:
    8,860
    Location:
    UK
    Well...
    Code:
    [email protected]:/# ethtool -k eth0 | grep tcp-segmentation-offload
    tcp-segmentation-offload: off
     
    L&LD and dave14305 like this.
  8. dave14305

    dave14305 Very Senior Member

    Joined:
    May 19, 2018
    Messages:
    872
    I hadn’t thought to check entware for ethtool. :oops:
     
  9. dave14305

    dave14305 Very Senior Member

    Joined:
    May 19, 2018
    Messages:
    872
    L&LD likes this.