CERN to Use Open Source Instead of Microsoft Products

Due to a licensing policy change, Microsoft product prices for CERN increased more than 10 times
13 June 2019

The European Center for Nuclear Research (CERN) presented a project called MAlt (Microsoft Alternatives), which works on phasing out Microsoft products in favor of alternative solutions based on open source software. The immediate plans are to replace "Skype for Business" with a solution built on an open VoIP stack and to launch a local mail service so that Outlook is no longer needed.

The final selection of open alternatives has not yet been completed; the migration is planned to take place over the next few years. The main requirements for the new software are no vendor lock-in, full control over CERN's own data, and the use of standards-based solutions. Details about the project are planned to be announced on September 10.

The decision to switch to open source was made after a change in Microsoft's licensing policy; for the past 20 years Microsoft had supplied CERN with software at significant educational discounts. Microsoft recently withdrew CERN's academic-institution status, and once the current contract expires CERN will have to pay the full price based on its number of users. CERN's calculation showed that the cost of purchasing licenses under the new terms will increase by more than 10 times.

Vulnerabilities in Linux & FreeBSD TCP Stacks Detected

There are four vulnerabilities, which specialists have rated as critical
18 June 2019

Netflix has identified several critical vulnerabilities in the Linux and FreeBSD TCP stacks that allow a remote attacker to crash the kernel or cause excessive resource consumption by sending specially crafted TCP packets (a "packet of death"). The problems stem from errors in the handling of the maximum TCP payload size (MSS, Maximum Segment Size) and of the selective acknowledgment mechanism (SACK, TCP Selective Acknowledgment).

CVE-2019-11477 (SACK Panic) A sequence of SACKs may be crafted such that one can trigger an integer overflow, leading to a kernel panic.

In the Linux kernel, outgoing data is held in socket buffers made up of fragments; when packets are lost or must be selectively retransmitted, with SACK enabled and TSO supported by the driver, these segments are kept as fragments. With the minimum MSS, only 8 bytes of payload are carried per segment, so the number of segments needed to send the same data grows accordingly, and the structure can reach its limit of 17 fragments. To guard against overflow, the code contains a check that calls BUG_ON() and puts the kernel into a panic state.

CVE-2019-11478 (SACK Slowness) It is possible to send a crafted sequence of SACKs which will fragment the TCP retransmission queue. On Linux kernels prior to 4.15, an attacker may be able to further exploit the fragmented queue to cause an expensive linked-list walk for subsequent SACKs received for that same TCP connection.

CVE-2019-5599 (SACK Slowness, FreeBSD) It is possible to send a crafted sequence of SACKs which will fragment the RACK send map. An attacker may be able to further exploit the fragmented send map to cause an expensive linked-list walk for subsequent SACKs received for that same TCP connection.

CVE-2019-11479 (Excess Resource Consumption Due to Low MSS Values) An attacker can force the Linux kernel to segment its responses into multiple TCP segments, each of which contains only 8 bytes of data. This drastically increases the bandwidth required to deliver the same amount of data. Further, it consumes additional resources (CPU and NIC processing power). This attack requires continued effort from the attacker, and the impacts end shortly after the attacker stops sending traffic.

Get more information on the vulnerabilities, workarounds and fixes at openwall.
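The two workarounds the openwall advisory describes for unpatched Linux hosts are disabling SACK processing and dropping SYNs that advertise a tiny MSS. The script below is an added check, not code from the article or from Netflix, that reports whether either is in place; the function names, the 500-byte threshold and the sample rule set are this example's own assumptions.

```shell
#!/bin/sh
# Added example: reports whether a Linux host has one of the two SACK
# workarounds in place. Each check takes its input as an argument, so it can
# be run against captured values as well as against the live host.

# $1 = value of net.ipv4.tcp_sack. Returns 0 when SACK processing is disabled.
sack_disabled() {
    [ "$1" = "0" ]
}

# $1 = output of "iptables -S INPUT", $2 = MSS threshold (assumed 500 here).
# Returns 0 when a DROP rule covers TCP segments advertising an MSS from 1 up
# to at least the threshold.
low_mss_filtered() {
    printf '%s\n' "$1" |
        grep -- '-p tcp' | grep -- '-j DROP' |
        sed -n 's/.*-m tcpmss --mss 1:\([0-9][0-9]*\).*/\1/p' |
        awk -v want="$2" 'BEGIN { ok = 1 } $1 >= want { ok = 0 } END { exit ok }'
}

# $1 = tcp_sack, $2 = tcp_mtu_probing, $3 = iptables rules, $4 = MSS threshold.
# Prints a verdict; returns 0 only when a workaround is actually effective.
assess() {
    sack="$1"; probing="$2"; rules="$3"; threshold="${4:-500}"
    if sack_disabled "$sack"; then
        echo "mitigated: SACK processing disabled (net.ipv4.tcp_sack=0)"
        return 0
    fi
    if low_mss_filtered "$rules" "$threshold"; then
        if [ "$probing" = "0" ]; then
            echo "mitigated: SYNs advertising MSS <= $threshold are dropped"
            return 0
        fi
        # The advisory notes the MSS filter only helps while MTU probing is off.
        echo "partial: low-MSS filter present but net.ipv4.tcp_mtu_probing=$probing"
        return 1
    fi
    echo "exposed: SACK enabled and no low-MSS filter; patch or apply a workaround"
    return 1
}

# Constructed sample (not captured from a real host) in "iptables -S" format.
RULES_SAMPLE='-P INPUT ACCEPT
-A INPUT -p tcp -m tcp --tcp-flags SYN SYN -m tcpmss --mss 1:500 -j DROP'

# Live check; needs root to read the filter table, skipped otherwise.
if [ "$(id -u)" = "0" ] && [ -r /proc/sys/net/ipv4/tcp_sack ]; then
    assess "$(cat /proc/sys/net/ipv4/tcp_sack)" "$(cat /proc/sys/net/ipv4/tcp_mtu_probing)" \
        "$(iptables -S INPUT 2>/dev/null)" || :
fi
```

Both workarounds have a cost: disabling SACK degrades throughput on lossy paths, and the MSS filter can break legitimate peers that genuinely need a small MSS, so they are stopgaps until the kernel is patched.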