Vulnerability in Linux Kernel TCP implementation
Équipe de recherche en sécurité Fastly, Fastly
Summary
On August 6, 2018, a vulnerability in the Linux kernel TCP implementation, called SegmentSmack, was publicly disclosed. This vulnerability allowed a remote attacker to cause a denial-of-service attack on a target server by simply establishing a TCP connection to the server and sending specific segments over the connection. Fastly has worked with the security community in advance of this disclosure to address this vulnerability in our edge networks. They pose no threat to Fastly customers.
Impact
Fastly has deployed kernel- and application-level mitigations to our entire edge network, rendering ineffective all known attacks that exploit this vulnerability.
Fix / Workarounds
Customers do not need to take any action in response to this vulnerability.
More information
You can learn more about this vulnerability here.
