TTCSIRT-095.030718: TT-CSIRT Advisory – Linux Security Updates

TTCSIRT-095.030718: TT-CSIRT Advisory – Linux Security Updates

Red Hat has released a security update stating that it is aware of DDoS (Distributed Denial of Service) amplification attacks being performed by exploiting memcached servers exposed to the public Internet. These attacks take advantage of memcached communication using the UDP protocol for transport. The attack is effective because of the high amplification ratio – a request with the size of a few hundred bytes can generate a response of a few megabytes or even hundreds of megabytes in size. This issue was assigned CVE-2018-1000115.

Further information on this vulnerability and how it can be mitigated can be found on the RED Hat Website at https://access.redhat.com/solutions/3369081