| From: |
| Stiepan <stie-ApZXk6FTjRn1P9xLtpHBDw-AT-public.gmane.org> |
| To: |
| oss-security-ZwoEplunGu1jrUoiu81ncdBPR1lH4CV8-AT-public.gmane.org |
| Subject: |
| Re: Linux TCP implementation vulnerable to Denial of Service (CVE 2018-5390) |
| Date: |
| Thu, 09 Aug 2018 07:12:27 +0000 |
| Message-ID: |
| <zNUITbiErWCUUDg_EPIWn8eZBFHlC7rwJsZ8XinnBTSFr6OydsAZUvPs8nXHKBxi0DJFw8K2KmePb8dysPMxfPcOURSJ6QR2HcKgaVRmmTs=@itk.swiss> |
| Cc: |
| ProtonMail Security Team <security-g/b1ySJe57IkP3XJZ0H8fw-AT-public.gmane.org>, "xiaoya.yang" <xiaoya.yang-G588Gj30R/k-AT-public.gmane.org> |
| Archive-link: |
| Article |
Hi,
Could you please provide some more details on the issue? About the same period, our secure e-mail
provider suffered an unprecedented DDoS with some e-mail messages never reaching us.
Since this has business impact, we consider legal action against the opaque Linux-distros
vulnerability-disclosure-among-friends-for-fun-and-profit scheme, that we exposed at the ITU
earlier this year. This is digital divide in the works, with real impact for non-club-members.
Regards,
Stiepan A. Kovac
President
itk AVtobvS SARL
Envoyé depuis ProtonMail mobile
-------- Message d'origine --------
On 8 août 2018 à 17:44, Matthew Garrett a écrit :
> CVE 2018-5390 is a remotely exploitable denial of service against Linux
> systems. It was patched in the public kernel tree on the 2018-07-23 and
> publicly disclosed on 2018-08-06. A public tweet linking to the commit was
> made on 2018-07-23, so awareness of the issue may have been high before
> official disclosure. All Linux distributions should now have released
> patches for the affected releases.
