Feeds

Linux kernel DoS risk under the spotlight

Don't be too alarmed

  • alert
  • submit to reddit

Choosing a cloud hosting partner with confidence

There is a potentially troublesome denial of service risk linked to a vuln in the Linux 2.4 kernel, concerning the cacheing of routing information.

A Red Hat advisory on the problem explains: "A remote attacker could send packets with carefully chosen, forged source addresses in such a way as to make every routing cache entry get hashed into the same hash chain. The result would be that the kernel would use a disproportionate amount of processor time to deal with new packets, resulting in a remote denial of service attack."

Red Hat has issued updated kernel packages.

An advisory by security outfit Secunia provides a list of other affected Linux distributions (too numerous to list here). An official patch or update for the Linux Kernel is yet to be made available, according to Secunia.

However workarounds are available and there's little evidence that the vulnerability has been maliciously exploited, at least for now. ®

Beginner's guide to SSL certificates

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Win a year’s supply of chocolate
There is no techie angle to this competition so we're not going to pretend there is, but everyone loves chocolate so who cares.
Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.