FragmentSmack Vulnerability to be Discovered in Windows

The vulnerability affects all versions of Windows 7 through 10, Server 2008, 2012, 2016, and Core Installations that don't have the latest security updates 
18 September 2018

Microsoft has released security recommendations for the vulnerability known as FragmentSmack, tracked as CVE-2018-5391. The flaw enables denial-of-service attacks: an attacker can drive the CPU to full load, at which point the OS stops responding to external input. All versions of the operating system starting with Windows 7 that lack the latest security updates are affected.

To carry out the attack, an attacker sends the victim's computer a stream of fragmented IP packets, each eight bytes in size and carrying a random fragment offset, and never sends the last fragment. When the system tries to reassemble the fragments into a single packet, the algorithm that processes the associated array hits its worst case. As a result, the load on the CPU reaches 100%. System performance is restored as soon as the data flow ceases.
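
A defender-side illustration of the traffic pattern described above, added here as an example and not taken from Microsoft's recommendations or the original article: it parses raw IPv4 headers and flags datagrams made of many fragments of at most 8 bytes whose final fragment never arrives. The alert threshold, the function names and the sample packets (documentation-range addresses) are assumptions constructed for the example.

```python
import socket
import struct
from collections import defaultdict

MF_FLAG, OFFSET_MASK = 0x2000, 0x1FFF  # "more fragments" bit; offset in 8-byte units
TINY_PAYLOAD = 8          # fragment size named in the description above
MIN_TINY_FRAGMENTS = 16   # assumed alert threshold, tune per environment
IPV4_HDR = "!BBHHHBBH4s4s"

def parse_fragment(packet):
    """Return (key, offset, more_fragments, payload_len), or None if not an IPv4 fragment."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return None
    vihl, _, total, ident, flags_off, _, proto, _, src, dst = struct.unpack(IPV4_HDR, packet[:20])
    ihl = (vihl & 0x0F) * 4
    more, offset = bool(flags_off & MF_FLAG), (flags_off & OFFSET_MASK) * 8
    if ihl < 20 or total < ihl or (not more and offset == 0):
        return None  # malformed header or unfragmented datagram
    key = (socket.inet_ntoa(src), socket.inet_ntoa(dst), proto, ident)
    return key, offset, more, total - ihl

def suspicious_datagrams(packets):
    """Datagrams built from many tiny fragments whose final fragment never arrived."""
    tiny, finished = defaultdict(int), set()
    for key, _offset, more, payload_len in filter(None, map(parse_fragment, packets)):
        if not more:
            finished.add(key)   # last fragment seen, reassembly can complete
        elif payload_len <= TINY_PAYLOAD:
            tiny[key] += 1
    return sorted(k for k, n in tiny.items() if n >= MIN_TINY_FRAGMENTS and k not in finished)

def sample_fragment(ident, offset, more, payload_len, src="192.0.2.10"):
    """Constructed test input: IPv4 header (checksum left at 0) plus zero padding."""
    flags_off = (MF_FLAG if more else 0) | (offset // 8)
    hdr = struct.pack(IPV4_HDR, 0x45, 0, 20 + payload_len, ident, flags_off, 64, 17, 0,
                      socket.inet_aton(src), socket.inet_aton("198.51.100.5"))
    return hdr + bytes(payload_len)

# Constructed capture: one datagram of 20 out-of-order 8-byte fragments with no final
# fragment, one ordinary two-fragment datagram, and one unfragmented packet.
SAMPLE = [sample_fragment(0x1234, (i * 37 % 64) * 8, True, 8) for i in range(20)]
SAMPLE += [sample_fragment(0x0042, 0, True, 1480, src="192.0.2.77"),
           sample_fragment(0x0042, 1480, False, 520, src="192.0.2.77"),
           sample_fragment(0x0007, 0, False, 100, src="192.0.2.77")]

print(suspicious_datagrams(SAMPLE))
```

Only the first datagram is reported; the ordinary fragmented datagram is ignored because its final fragment arrives and its fragments are full-sized.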

A similar vulnerability was observed in Windows 3.11 and 95, and resulted in a system crash.

The OS developer has already prepared the necessary updates. If a user cannot install the update for some reason, Microsoft recommends blocking packet reassembly with the following console commands:

Netsh int ipv4 set global reassemblylimit=0
Netsh int ipv6 set global reassemblylimit=0

The company warns that these actions can lead to packet loss.

FragmentSmack will have no effect on the Microsoft Azure service: malicious traffic is blocked by external layers of protection in front of the virtual machines.

FragmentSmack is a cross-platform vulnerability. In August 2018, the same flaw was found in Linux-based systems running kernel version 3.9 and higher. The developers have already released updates that close this attack vector.

LLVM 10.0.0 to be Released

New version of the popular development toolkit brings, among other things, support for the C++ Concepts
26 March 2020

After six months of development, LLVM 10.0 has been released. LLVM is a GCC-compatible toolkit (compilers, optimizers, and code generators) that compiles programs into an intermediate bitcode of RISC-like virtual instructions (a low-level virtual machine with a multi-level optimization system). The generated pseudo-code can be converted by a JIT compiler into machine instructions directly at program execution time.

New features in LLVM 10.0 include support for C++ Concepts, Clang no longer being launched as a separate process, support for CFG (Control Flow Guard) checks on Windows, and support for new CPU features.

The main innovations of LLVM 10.0:

  • New interprocedural optimizations and analyzers have been added to the Attributor framework. The state of 19 different attributes is now inferred, including 12 LLVM IR attributes and 7 abstract attributes such as liveness.
  • New matrix math compiler intrinsics have been added; at compile time they are replaced with efficient vector instructions.
  • Numerous improvements have been made to the backends for the X86, AArch64, ARM, SystemZ, MIPS, AMDGPU, and PowerPC architectures. Support has been added for the Cortex-A65, Cortex-A65AE, Neoverse E1 and Neoverse N1 CPUs. For ARMv8.1-M, code generation has been optimized (for example, support for loops with minimal overhead has appeared) and support for auto-vectorization using the MVE extension has been added. Support for MIPS Octeon CPUs has been improved. PowerPC gains vectorization of math routines using the MASSV (Mathematical Acceleration SubSystem) library, improved code generation, and optimized memory access from loops. For x86, the handling of the vector types v2i32, v4i16, v2i16, v8i8, v4i8 and v2i8 has been changed.
  • The code generator for WebAssembly has been improved. Support has been added for TLS (Thread-Local Storage) and atomic.fence instructions, and SIMD support has been significantly expanded. WebAssembly object files can now use function signatures with multiple values.
  • When processing loops, the MemorySSA analyzer is used to determine the dependencies between different memory operations. MemorySSA can reduce compilation and execution time, or can be used instead of AliasSetTracker without sacrificing performance.
  • The LLDB debugger has significantly improved support for the DWARF v5 format. Build support with MinGW has been improved, and initial support has been added for debugging Windows executables for the ARM and ARM64 architectures. Descriptions are now shown for the options offered when autocompleting input with the Tab key.
  • The LLD linker has been enhanced. Support for the ELF format has been improved, including full compatibility of glob patterns with the GNU linker, support for compressed ".zdebug" debug sections, the PT_GNU_PROPERTY property to determine the section (can be used in future Linux kernels), and the modes "-z noseparate-code", "-z separate-code" and "-z separate-loadable-segments". Support for MinGW and WebAssembly has also been improved.

Get more at the release notes.