FragmentSmack vulnerability is a DoS bug that allows an unauthenticated attacker to increase CPU usage through the roof on affected machines, jamming servers, rendering them unresponsive with abnormal IPv4 or IPv6 packets. Systems under a DoS attack with FragmentSmack are inoperable for the duration of the attack. As soon as the packet stream stops, the operating system recovers and the CPU returns to normal usage.
Cisco Product Vulnerability and Solution
Many of the products currently under investigation are designed for enterprises and service providers in the routing and switching category. If you’re interested in a full list of products known to be affected by FragmentSmack, check the advisory list here.
Until a patch becomes available for your specific product or service there may be a “Workaround” available to you. You can check your product-specific documentation or the platform-dependent workarounds to see what is available to you. Both are listed in the “Vulnerable Products” section of the advisory link above.
Windows Systems Vulnerability and Solution
The effect is that the CPU of the machine reaches 100% and renders the operating system unresponsive until the attacker stops sending malformed IP packets.
Microsoft suggests using the command below to disable packet reassembly as a workaround for the FragmentSmack vulnerability DoS bug:
The code will drop any packets that are out of order, increasing the potential of losses. To avoid any problems there should not be more than 50 out-of-order packets