Akamai Diversity
Home > August 2018

August 2018 Archives

Linux Kernel TCP Vulnerability

On the week of July 15th researcher Juha-Matti Tilli disclosed a vulnerability he discovered in the Linux kernel to the kernel maintainers, the National Cyber Security Center - Finland (NCSC-FI), CERT Coordination Center (CERT/CC), and Akamai. The vulnerability, CVE-2018-5390, is a resource exhaustion attack triggered by a specially crafted stream of TCP segments which creates expensive processing within the Linux kernel.

In preparation for the public disclosure of the vulnerability, Akamai prepared and began deploying patches for its network.  Simultaneously, Akamai has been working with external parties to ensure that the solution works, verifying that the fix was sufficient to protect its network and customers. Akamai continues to work closely with the vulnerability coordinators at NCSC-FI and CERT/CC to aid the vulnerability disclosure, testing and notification processes.

This issue impacts nearly all current Linux systems, while versions of the Linux kernel release 4.9 or later being the most susceptible. Release version 4.8 and older, while still impacted, require more malicious traffic to exhibit the same level of resource exhaustion.

Threat Identity...The First Line of Defense

Last quarter, we discussed zero trust and identity in regard to remote application access. This focus was primarily looking at enterprise users seeking to gain access to applications on a network where there are no boundaries: The internet. In the concept of zero trust, the internet is considered hostile and users are accessing resources from multiple devices and from many different locations. With this in mind, it is critical for organizations to be able to identify: