{"containers": {"cna": {"affected": [{"product": "Linux Kernel", "vendor": "Linux", "versions": [{"lessThan": "4.9*", "status": "affected", "version": "4.9", "versionType": "custom"}]}], "datePublic": "2018-07-23T00:00:00", "descriptions": [{"lang": "en", "value": "Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-400", "description": "CWE-400", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2020-07-15T02:22:59", "orgId": "37e5125f-f79b-445b-8fad-9564f167944b", "shortName": "certcc"}, "references": [{"name": "RHSA-2018:2785", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2018:2785"}, {"name": "VU#962459", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "https://www.kb.cert.org/vuls/id/962459"}, {"name": "USN-3741-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/3741-2/"}, {"name": "RHSA-2018:2776", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2018:2776"}, {"name": "RHSA-2018:2933", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2018:2933"}, {"name": "RHSA-2018:2403", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2018:2403"}, {"name": "RHSA-2018:2395", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2018:2395"}, {"name": "USN-3763-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/3763-1/"}, {"name": "RHSA-2018:2384", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2018:2384"}, {"name": "USN-3741-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/3741-1/"}, {"name": "RHSA-2018:2402", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2018:2402"}, {"name": "RHSA-2018:2948", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2018:2948"}, {"name": "USN-3742-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/3742-2/"}, {"name": "1041434", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1041434"}, {"name": "USN-3732-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/3732-2/"}, {"name": "104976", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/104976"}, {"name": "[debian-lts-announce] 20180815 [SECURITY] [DLA 1466-1] linux-4.9 security update", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00014.html"}, {"name": "1041424", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1041424"}, {"name": "USN-3742-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/3742-1/"}, {"name": "RHSA-2018:2924", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2018:2924"}, {"name": "20180824 Linux and FreeBSD Kernels TCP Reassembly Denial of Service Vulnerabilities Affecting Cisco Products: August 2018", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180824-linux-tcp"}, {"name": "RHSA-2018:2789", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2018:2789"}, {"name": "DSA-4266", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "https://www.debian.org/security/2018/dsa-4266"}, {"name": "RHSA-2018:2645", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2018:2645"}, {"name": "USN-3732-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/3732-1/"}, {"name": "RHSA-2018:2791", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2018:2791"}, {"name": "RHSA-2018:2790", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2018:2790"}, {"name": "[oss-security] 20190628 Re: linux-distros membership application - Microsoft", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2019/06/28/2"}, {"name": "[oss-security] 20190706 Re: linux-distros membership application - Microsoft", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2019/07/06/3"}, {"name": "[oss-security] 20190706 Re: linux-distros membership application - Microsoft", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2019/07/06/4"}, {"tags": ["x_refsource_MISC"], "url": "https://www.oracle.com/security-alerts/cpujul2020.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://security.netapp.com/advisory/ntap-20180815-0003/"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-004.txt"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://www.synology.com/support/security/Synology_SA_18_41"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://support.f5.com/csp/article/K95343321"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://www.a10networks.com/support/security-advisories/tcp-ip-cve-2018-5390-segmentsmack"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=1a4f14bab1868b443f0dd3c55b689a478f82e72e"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://support.f5.com/csp/article/K95343321?utm_source=f5support&amp%3Butm_medium=RSS"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-377115.pdf"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181031-02-linux-en"}], "source": {"discovery": "UNKNOWN"}, "title": "Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cert@cert.org", "ID": "CVE-2018-5390", "STATE": "PUBLIC", "TITLE": "Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Linux Kernel", "version": {"version_data": [{"affected": ">=", "version_affected": ">=", "version_name": "4.9", "version_value": "4.9"}]}}]}, "vendor_name": "Linux"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-400"}]}]}, "references": {"reference_data": [{"name": "RHSA-2018:2785", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:2785"}, {"name": "VU#962459", "refsource": "CERT-VN", "url": "https://www.kb.cert.org/vuls/id/962459"}, {"name": "USN-3741-2", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3741-2/"}, {"name": "RHSA-2018:2776", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:2776"}, {"name": "RHSA-2018:2933", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:2933"}, {"name": "RHSA-2018:2403", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:2403"}, {"name": "RHSA-2018:2395", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:2395"}, {"name": "USN-3763-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3763-1/"}, {"name": "RHSA-2018:2384", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:2384"}, {"name": "USN-3741-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3741-1/"}, {"name": "RHSA-2018:2402", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:2402"}, {"name": "RHSA-2018:2948", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:2948"}, {"name": "USN-3742-2", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3742-2/"}, {"name": "1041434", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1041434"}, {"name": "USN-3732-2", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3732-2/"}, {"name": "104976", "refsource": "BID", "url": "http://www.securityfocus.com/bid/104976"}, {"name": "[debian-lts-announce] 20180815 [SECURITY] [DLA 1466-1] linux-4.9 security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00014.html"}, {"name": "1041424", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1041424"}, {"name": "USN-3742-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3742-1/"}, {"name": "RHSA-2018:2924", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:2924"}, {"name": "20180824 Linux and FreeBSD Kernels TCP Reassembly Denial of Service Vulnerabilities Affecting Cisco Products: August 2018", "refsource": "CISCO", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180824-linux-tcp"}, {"name": "RHSA-2018:2789", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:2789"}, {"name": "DSA-4266", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2018/dsa-4266"}, {"name": "RHSA-2018:2645", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:2645"}, {"name": "USN-3732-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3732-1/"}, {"name": "RHSA-2018:2791", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:2791"}, {"name": "RHSA-2018:2790", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:2790"}, {"name": "[oss-security] 20190628 Re: linux-distros membership application - Microsoft", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2019/06/28/2"}, {"name": "[oss-security] 20190706 Re: linux-distros membership application - Microsoft", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2019/07/06/3"}, {"name": "[oss-security] 20190706 Re: linux-distros membership application - Microsoft", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2019/07/06/4"}, {"name": "https://www.oracle.com/security-alerts/cpujul2020.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpujul2020.html"}, {"name": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", "refsource": "CONFIRM", "url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"}, {"name": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0", "refsource": "CONFIRM", "url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"}, {"name": "https://security.netapp.com/advisory/ntap-20180815-0003/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20180815-0003/"}, {"name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-004.txt", "refsource": "CONFIRM", "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-004.txt"}, {"name": "https://www.synology.com/support/security/Synology_SA_18_41", "refsource": "CONFIRM", "url": "https://www.synology.com/support/security/Synology_SA_18_41"}, {"name": "https://support.f5.com/csp/article/K95343321", "refsource": "CONFIRM", "url": "https://support.f5.com/csp/article/K95343321"}, {"name": "https://www.a10networks.com/support/security-advisories/tcp-ip-cve-2018-5390-segmentsmack", "refsource": "CONFIRM", "url": "https://www.a10networks.com/support/security-advisories/tcp-ip-cve-2018-5390-segmentsmack"}, {"name": "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=1a4f14bab1868b443f0dd3c55b689a478f82e72e", "refsource": "CONFIRM", "url": "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=1a4f14bab1868b443f0dd3c55b689a478f82e72e"}, {"name": "https://support.f5.com/csp/article/K95343321?utm_source=f5support&utm_medium=RSS", "refsource": "CONFIRM", "url": "https://support.f5.com/csp/article/K95343321?utm_source=f5support&utm_medium=RSS"}, {"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-377115.pdf", "refsource": "CONFIRM", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-377115.pdf"}, {"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181031-02-linux-en", "refsource": "CONFIRM", "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181031-02-linux-en"}]}, "source": {"discovery": "UNKNOWN"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T05:33:44.409Z"}, "title": "CVE Program Container", "references": [{"name": "RHSA-2018:2785", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2018:2785"}, {"name": "VU#962459", "tags": ["third-party-advisory", "x_refsource_CERT-VN", "x_transferred"], "url": "https://www.kb.cert.org/vuls/id/962459"}, {"name": "USN-3741-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://usn.ubuntu.com/3741-2/"}, {"name": "RHSA-2018:2776", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2018:2776"}, {"name": "RHSA-2018:2933", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2018:2933"}, {"name": "RHSA-2018:2403", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2018:2403"}, {"name": "RHSA-2018:2395", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2018:2395"}, {"name": "USN-3763-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://usn.ubuntu.com/3763-1/"}, {"name": "RHSA-2018:2384", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2018:2384"}, {"name": "USN-3741-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://usn.ubuntu.com/3741-1/"}, {"name": "RHSA-2018:2402", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2018:2402"}, {"name": "RHSA-2018:2948", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2018:2948"}, {"name": "USN-3742-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://usn.ubuntu.com/3742-2/"}, {"name": "1041434", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1041434"}, {"name": "USN-3732-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://usn.ubuntu.com/3732-2/"}, {"name": "104976", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/104976"}, {"name": "[debian-lts-announce] 20180815 [SECURITY] [DLA 1466-1] linux-4.9 security update", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00014.html"}, {"name": "1041424", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1041424"}, {"name": "USN-3742-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://usn.ubuntu.com/3742-1/"}, {"name": "RHSA-2018:2924", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2018:2924"}, {"name": "20180824 Linux and FreeBSD Kernels TCP Reassembly Denial of Service Vulnerabilities Affecting Cisco Products: August 2018", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180824-linux-tcp"}, {"name": "RHSA-2018:2789", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2018:2789"}, {"name": "DSA-4266", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "https://www.debian.org/security/2018/dsa-4266"}, {"name": "RHSA-2018:2645", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2018:2645"}, {"name": "USN-3732-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://usn.ubuntu.com/3732-1/"}, {"name": "RHSA-2018:2791", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2018:2791"}, {"name": "RHSA-2018:2790", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2018:2790"}, {"name": "[oss-security] 20190628 Re: linux-distros membership application - Microsoft", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2019/06/28/2"}, {"name": "[oss-security] 20190706 Re: linux-distros membership application - Microsoft", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2019/07/06/3"}, {"name": "[oss-security] 20190706 Re: linux-distros membership application - Microsoft", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2019/07/06/4"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.oracle.com/security-alerts/cpujul2020.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://security.netapp.com/advisory/ntap-20180815-0003/"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-004.txt"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://www.synology.com/support/security/Synology_SA_18_41"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://support.f5.com/csp/article/K95343321"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://www.a10networks.com/support/security-advisories/tcp-ip-cve-2018-5390-segmentsmack"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=1a4f14bab1868b443f0dd3c55b689a478f82e72e"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://support.f5.com/csp/article/K95343321?utm_source=f5support&amp%3Butm_medium=RSS"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-377115.pdf"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181031-02-linux-en"}]}]}, "cveMetadata": {"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b", "assignerShortName": "certcc", "cveId": "CVE-2018-5390", "datePublished": "2018-08-06T20:00:00", "dateReserved": "2018-01-12T00:00:00", "dateUpdated": "2024-08-05T05:33:44.409Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "6BBD7A51-0590-4DDF-8249-5AFA8D645CB6", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*", "matchCriteriaId": "AF83BB87-B203-48F9-9D06-48A5FE399050", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*", "matchCriteriaId": "1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.6:*:*:*:*:*:*:*", "matchCriteriaId": "16E6D998-B41D-4B49-9E00-8336D2E40A4A", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "1C8D871B-AEA1-4407-AEE3-47EC782250FF", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "98381E61-F082-4302-B51F-5648884F998B", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "matchCriteriaId": "D99A687E-EAE6-417E-A88E-D0082BC194CD", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.4:*:*:*:*:*:*:*", "matchCriteriaId": "2EDC8561-5E0A-4692-BB71-C88ED7A1229F", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.7:*:*:*:*:*:*:*", "matchCriteriaId": "6C81647C-9A53-481D-A54C-36770A093F90", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "44B067C7-735E-43C9-9188-7E1522A02491", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "A8442C20-41F9-47FD-9A12-E724D3A31FD7", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "matchCriteriaId": "9EC0D196-F7B8-4BDD-9050-779F7A7FBEE4", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "matchCriteriaId": "A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.6:*:*:*:*:*:*:*", "matchCriteriaId": "13E02156-E748-4820-B76F-7074793837E1", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "6755B6AD-0422-467B-8115-34A60B1D1A40", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "24C0F4E1-C52C-41E0-9F14-F83ADD5CC7ED", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*", "matchCriteriaId": "D5F7E11E-FB34-4467-8919-2B6BEAABF665", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "D6E2A48A-1AFB-4878-AE78-18613DE9334F", "versionEndExcluding": "4.18", "versionStartIncluding": "4.9", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:4.18:rc1:*:*:*:*:*:*", "matchCriteriaId": "0758920B-F8FC-44AB-92E3-CB0B0A5EDA76", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:4.18:rc2:*:*:*:*:*:*", "matchCriteriaId": "81EBA79F-0ABF-4213-8BEF-9A927F9E24D4", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:4.18:rc3:*:*:*:*:*:*", "matchCriteriaId": "364BE028-0C54-4254-9261-59D97C0EDC1F", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:4.18:rc4:*:*:*:*:*:*", "matchCriteriaId": "C5CD0194-46B1-4CCC-9829-8ED014B77660", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:4.18:rc5:*:*:*:*:*:*", "matchCriteriaId": "DB2B91AF-ACE1-4F6F-B2D0-9D4B7D8D20CE", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:4.18:rc6:*:*:*:*:*:*", "matchCriteriaId": "30FBD992-DD41-441E-A6C7-D39DAC45DA34", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", "matchCriteriaId": "8D305F7A-D159-4716-AB26-5E38BB5CD991", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:hp:aruba_airwave_amp:*:*:*:*:*:*:*:*", "matchCriteriaId": "4A3E8408-DE01-4B3C-9FDF-A51261C524BD", "versionEndExcluding": "8.2.7.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:aruba_clearpass_policy_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "0E49DB15-06E7-4709-933E-890A7E65A240", "versionEndIncluding": "6.6.9", "versionStartIncluding": "6.6.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:aruba_clearpass_policy_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "A29A8C01-7E4E-4662-B4F3-07DEF07CC600", "versionEndIncluding": "6.7.5", "versionStartIncluding": "6.7.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "41E6AF24-0676-4B70-A289-7B81321194DF", "versionEndIncluding": "11.6.3", "versionStartIncluding": "11.5.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "6BB42D3A-71EE-4367-9F65-86404D74E59D", "versionEndIncluding": "12.1.3", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "1331467F-B278-485E-AD91-7D0643C2F3DB", "versionEndIncluding": "13.1.1", "versionStartIncluding": "13.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:14.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "44E8F4B6-ACF1-4F2C-A2A4-DF7382CCE628", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "195704A8-4911-4A61-8369-711D403052F1", "versionEndIncluding": "11.6.3", "versionStartIncluding": "11.5.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "E5011C2D-FBB5-4117-BB97-11DE70117345", "versionEndIncluding": "12.1.3", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "E866C4E5-D739-4352-9B6D-9753B4C78A24", "versionEndIncluding": "13.1.1", "versionStartIncluding": "13.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:14.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "D1FDA72E-991D-4451-9C8E-E738F4D12728", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "matchCriteriaId": "DDE5A2D0-C268-4D2D-A001-AEC17E92B1DA", "versionEndIncluding": "11.6.3", "versionStartIncluding": "11.5.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "matchCriteriaId": "79344F94-2CB8-4F08-9373-61614A38476C", "versionEndIncluding": "12.1.3", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", "matchCriteriaId": "42D16634-442B-4674-B11E-6748D28764BD", "versionEndIncluding": "13.1.1", "versionStartIncluding": "13.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_analytics:14.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "622C877B-760A-4C50-9FDF-998C010B864E", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "7FA10863-C4C8-4658-8EEA-BC71B3522F36", "versionEndIncluding": "11.6.3", "versionStartIncluding": "11.5.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "E5D00EED-F95D-4458-BDC4-3390DE85348B", "versionEndIncluding": "12.1.3", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "1D91EC11-DD9A-434B-9EB4-14AA0E977D8D", "versionEndIncluding": "13.1.1", "versionStartIncluding": "13.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:14.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "292EC144-CBA2-4275-9F70-4ED65A505B39", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "E6EC3436-7FAE-4311-8103-7ADBAF40E1C1", "versionEndIncluding": "11.6.3", "versionStartIncluding": "11.5.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "397AC4A5-B67C-483B-84F7-8CB294BB460C", "versionEndIncluding": "12.1.3", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "E697E4FD-1882-4BF8-9B9F-FB7DFD19497B", "versionEndIncluding": "13.1.1", "versionStartIncluding": "13.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:14.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "80509490-50DA-42F8-8A4A-A6F6B95649BA", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", "matchCriteriaId": "18A39E28-E7BB-47A3-988B-4EBF070D3538", "versionEndIncluding": "11.6.3", "versionStartIncluding": "11.5.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", "matchCriteriaId": "1466F808-2596-4028-8884-27EDD5CACB47", "versionEndIncluding": "12.1.3", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", "matchCriteriaId": "394DF290-9328-4FAD-B04E-61F62B916148", "versionEndIncluding": "13.1.1", "versionStartIncluding": "13.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:14.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "D7BBEC67-BD2E-49D5-8294-977D975D98D0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", "matchCriteriaId": "D931BC21-AF80-400C-A7E9-2C4AB19D748A", "versionEndIncluding": "11.6.3", "versionStartIncluding": "11.5.1.", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", "matchCriteriaId": "6A11E433-943D-4D92-B45E-3FA268094278", "versionEndIncluding": "12.1.3", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", "matchCriteriaId": "96AA67E0-3471-4699-87A7-E47DD8E313B8", "versionEndIncluding": "13.1.1", "versionStartIncluding": "13.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:14.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "BB76D898-4C7C-40E9-8539-E2A1BC7A5A66", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", "matchCriteriaId": "8C3C9586-D4ED-4486-9C1F-B357F34F8A84", "versionEndIncluding": "11.6.3", "versionStartIncluding": "11.5.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", "matchCriteriaId": "D4C3D6F5-D94D-46A3-991C-A11275B59F8E", "versionEndIncluding": "12.1.3", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", "matchCriteriaId": "6114B091-1612-4EA2-81D4-2E5455A345F7", "versionEndIncluding": "13.1.1", "versionStartIncluding": "13.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:14.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "86D68F26-EF89-4016-BD3A-637951752AAA", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "9F002114-483A-462C-B0BD-4E1591009935", "versionEndIncluding": "11.6.3", "versionStartIncluding": "11.5.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "57CCB85A-6F90-4DB7-B0F8-AE5250E1DCFE", "versionEndIncluding": "12.1.3", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "36F60067-2623-42F9-8B4F-C24F3268DDB9", "versionEndIncluding": "13.1.1", "versionStartIncluding": "13.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:14.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "ADAD6E9A-F8B5-4B2D-B687-AEAB518B8F19", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "matchCriteriaId": "6DE3443E-9D07-4A82-B110-02ADDA9FDEF3", "versionEndIncluding": "11.6.3", "versionStartIncluding": "11.5.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "matchCriteriaId": "60189636-02D6-44CA-BE2A-7777E3C409CD", "versionEndIncluding": "12.1.3", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", "matchCriteriaId": "68E2840B-96F4-4437-91D1-4AFE99E54D6A", "versionEndIncluding": "13.1.1", "versionStartIncluding": "13.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_link_controller:14.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "23E592A7-B530-4932-A81D-D1B9ABD64047", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "5D08BA8F-4949-47EC-8EEF-312DC70043B8", "versionEndIncluding": "11.6.3", "versionStartIncluding": "11.5.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "47D07AA7-1E0E-4FC3-B8BF-05729619B0AA", "versionEndIncluding": "12.1.3", "versionStartIncluding": "12.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "A197CF35-47EE-4DAE-BC51-90663870B9B9", "versionEndIncluding": "13.1.1", "versionStartExcluding": "13.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:14.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "8E734E1C-A92F-4394-8F33-4429161BE47C", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "4C9A0A9D-40AF-46DC-B577-DA73B4C2970B", "versionEndIncluding": "11.6.3", "versionStartIncluding": "11.5.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "5AD75094-3248-4D37-969E-75272F6F31D6", "versionEndIncluding": "12.1.3", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "15F4D416-10F4-4C08-A25D-0795F7FE0FBE", "versionEndIncluding": "13.1.1", "versionStartIncluding": "13.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:14.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "7CF10213-FBE4-47A5-8EF2-B45BF15BEB6D", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", "matchCriteriaId": "A36B6B7D-3900-43D4-B241-E58A1377B4DF", "versionEndIncluding": "11.6.3", "versionStartIncluding": "11.5.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", "matchCriteriaId": "E7860523-E8B3-4BEE-853A-6F0B5BCDDA5A", "versionEndIncluding": "12.1.3", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", "matchCriteriaId": "D6944128-3A30-4835-A125-3EA7571D7DC0", "versionEndIncluding": "13.1.1", "versionStartIncluding": "13.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:14.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "A5A85C15-B821-4992-9B06-45767E7467D2", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:traffix_systems_signaling_delivery_controller:*:*:*:*:*:*:*:*", "matchCriteriaId": "A87510FE-775A-44FB-9792-074CD5DE5C38", "versionEndIncluding": "5.1.0", "versionStartIncluding": "5.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f5:traffix_systems_signaling_delivery_controller:4.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "0B5497D9-9022-4788-87DB-6C4B4116509A", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:a10networks:advanced_core_operating_system:3.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "BB85F4D0-A104-4954-8D73-B9980C8E93E0", "vulnerable": true}, {"criteria": "cpe:2.3:o:a10networks:advanced_core_operating_system:3.2.2:p5:*:*:*:*:*:*", "matchCriteriaId": "CECB4DA3-3842-4102-8451-43EC00CBAEA8", "vulnerable": true}, {"criteria": "cpe:2.3:o:a10networks:advanced_core_operating_system:4.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "3D286AC5-DB3E-4FAE-8441-A4D98B1F1160", "vulnerable": true}, {"criteria": "cpe:2.3:o:a10networks:advanced_core_operating_system:4.1.0:p11:*:*:*:*:*:*", "matchCriteriaId": "8DE427D5-6E9A-4AC3-830D-7D235DE97389", "vulnerable": true}, {"criteria": "cpe:2.3:o:a10networks:advanced_core_operating_system:4.1.1:p8:*:*:*:*:*:*", "matchCriteriaId": "F32591D5-D7F6-4C45-B1B5-1D1F8C649DF0", "vulnerable": true}, {"criteria": "cpe:2.3:o:a10networks:advanced_core_operating_system:4.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "032B2E4E-381E-4662-A6CF-8FA517233681", "vulnerable": true}, {"criteria": "cpe:2.3:o:a10networks:advanced_core_operating_system:4.1.2:p4:*:*:*:*:*:*", "matchCriteriaId": "BA708DD0-8A88-4B2B-9B57-A08491DE4696", "vulnerable": true}, {"criteria": "cpe:2.3:o:a10networks:advanced_core_operating_system:4.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "0013CA3E-0E73-45EA-B2E9-7EA038BAB336", "vulnerable": true}, {"criteria": "cpe:2.3:o:a10networks:advanced_core_operating_system:4.1.4:p1:*:*:*:*:*:*", "matchCriteriaId": "F993C993-D118-45A3-9F95-382B54E25439", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:collaboration_meeting_rooms:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "7E53CEDB-F536-4DA0-917C-C220A3102B90", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:digital_network_architecture_center:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "27A026D0-AA0D-417A-A06B-8785E5FFCBC9", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:expressway:x8.10:*:*:*:*:*:*:*", "matchCriteriaId": "31DF55CF-FEDE-43DE-8F55-3264DB7CDD71", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:expressway:x8.10.1:*:*:*:*:*:*:*", "matchCriteriaId": "1A4C837B-4648-4764-B190-36381EE7E664", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:expressway:x8.10.2:*:*:*:*:*:*:*", "matchCriteriaId": "F044DA47-D8FA-4EF9-B28C-C69D0DE8C3DC", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:expressway:x8.10.3:*:*:*:*:*:*:*", "matchCriteriaId": "E600BCEC-2466-4348-ACE3-955469AA1C9E", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:expressway:x8.10.4:*:*:*:*:*:*:*", "matchCriteriaId": "AB8DD876-7E51-43A9-8944-B4DEE9E9EDD3", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:expressway:x8.11:*:*:*:*:*:*:*", "matchCriteriaId": "431A3000-D903-4B57-9B54-CC650105B044", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:expressway_series:-:*:*:*:*:*:*:*", "matchCriteriaId": "E8E7428A-D2A5-4B77-8562-F75BB8C72976", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:meeting_management:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "84E53549-337C-423F-AB34-F2559C1F225C", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:meeting_management:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "EABDA6F4-99E7-4354-9760-E9891B47DC8A", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:network_assurance_engine:2.1\\(1a\\):*:*:*:*:*:*:*", "matchCriteriaId": "BD40D143-B4B4-4C2A-8D9E-D928459FC59E", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:threat_grid-cloud:-:*:*:*:*:*:*:*", "matchCriteriaId": "B2B5B87A-CECF-48BF-833E-6E4A6DF647CC", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:webex_hybrid_data_security:-:*:*:*:*:*:*:*", "matchCriteriaId": "F6A108A5-ADB1-4328-B3C0-9C3CC2CD1346", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:webex_video_mesh:-:*:*:*:*:*:*:*", "matchCriteriaId": "AE0F9723-F9BD-422D-8414-040C01C9C0D0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:telepresence_video_communication_server_firmware:x8.10:*:*:*:*:*:*:*", "matchCriteriaId": "4B534882-60A5-4098-A439-A47CBC546E53", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:telepresence_video_communication_server_firmware:x8.10.1:*:*:*:*:*:*:*", "matchCriteriaId": "DB1C3395-1865-4436-81E0-3821B5BB99D2", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:telepresence_video_communication_server_firmware:x8.10.2:*:*:*:*:*:*:*", "matchCriteriaId": "86ACAFA3-7F76-428A-A6EE-87284FB30B01", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:telepresence_video_communication_server_firmware:x8.10.3:*:*:*:*:*:*:*", "matchCriteriaId": "8908328C-FC17-4BDC-B369-36942225DFAD", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:telepresence_video_communication_server_firmware:x8.10.4:*:*:*:*:*:*:*", "matchCriteriaId": "988EDFD9-4652-4460-BE48-62219B8A0A6D", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:telepresence_video_communication_server_firmware:x8.11:*:*:*:*:*:*:*", "matchCriteriaId": "BD9DD18A-43B9-4B43-AF9F-236D42651E46", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:telepresence_video_communication_server:-:*:*:*:*:*:*:*", "matchCriteriaId": "177FA398-F812-4E8D-99A3-3F7E0F690CE6", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:telepresence_conductor_firmware:xc4.3:*:*:*:*:*:*:*", "matchCriteriaId": "4A8F173C-2D38-42B2-B86F-72B53A96D05D", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:telepresence_conductor_firmware:xc4.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "27E03126-0FF6-4D4E-8766-A4F0B20741AC", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:telepresence_conductor_firmware:xc4.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "F24CB2EC-A79E-4C56-8F03-86D53A9B28A3", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:telepresence_conductor_firmware:xc4.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "C4F2333B-BE03-4D6C-AA16-1E3EB170496E", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:telepresence_conductor_firmware:xc4.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "B199BF45-F9EF-49A0-B2D5-9B9FA6AA1208", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:telepresence_conductor:-:*:*:*:*:*:*:*", "matchCriteriaId": "2C65475E-2641-404B-8316-6B6A5029617D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service."}, {"lang": "es", "value": "El kernel de Linux en versiones 4.9 y siguientes pueden forzarse a realizar llamadas muy caras a tcp_collapse_ofo_queue() y tcp_prune_ofo_queue() para cada paquete entrante, lo que puede conducir a una denegaci\u00f3n de servicio."}], "id": "CVE-2018-5390", "lastModified": "2023-11-07T02:58:42.387", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-08-06T20:29:01.570", "references": [{"source": "cret@cert.org", "tags": ["Third Party Advisory"], "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-004.txt"}, {"source": "cret@cert.org", "tags": ["Third Party Advisory"], "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181031-02-linux-en"}, {"source": "cret@cert.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2019/06/28/2"}, {"source": "cret@cert.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2019/07/06/3"}, {"source": "cret@cert.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2019/07/06/4"}, {"source": "cret@cert.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/104976"}, {"source": "cret@cert.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1041424"}, {"source": "cret@cert.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1041434"}, {"source": "cret@cert.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2018:2384"}, {"source": "cret@cert.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2018:2395"}, {"source": "cret@cert.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2018:2402"}, {"source": "cret@cert.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2018:2403"}, {"source": "cret@cert.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2018:2645"}, {"source": "cret@cert.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2018:2776"}, {"source": "cret@cert.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2018:2785"}, {"source": "cret@cert.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2018:2789"}, {"source": "cret@cert.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2018:2790"}, {"source": "cret@cert.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2018:2791"}, {"source": "cret@cert.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2018:2924"}, {"source": "cret@cert.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2018:2933"}, {"source": "cret@cert.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2018:2948"}, {"source": "cret@cert.org", "tags": ["Third Party Advisory"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-377115.pdf"}, {"source": "cret@cert.org", "tags": ["Patch", "Vendor Advisory"], "url": "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=1a4f14bab1868b443f0dd3c55b689a478f82e72e"}, {"source": "cret@cert.org", "tags": ["Third Party Advisory"], "url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"}, {"source": "cret@cert.org", "tags": ["Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00014.html"}, {"source": "cret@cert.org", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20180815-0003/"}, {"source": "cret@cert.org", "tags": ["Third Party Advisory"], "url": "https://support.f5.com/csp/article/K95343321"}, {"source": "cret@cert.org", "url": "https://support.f5.com/csp/article/K95343321?utm_source=f5support&amp%3Butm_medium=RSS"}, {"source": "cret@cert.org", "tags": ["Third Party Advisory"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180824-linux-tcp"}, {"source": "cret@cert.org", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/3732-1/"}, {"source": "cret@cert.org", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/3732-2/"}, {"source": "cret@cert.org", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/3741-1/"}, {"source": "cret@cert.org", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/3741-2/"}, {"source": "cret@cert.org", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/3742-1/"}, {"source": "cret@cert.org", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/3742-2/"}, {"source": "cret@cert.org", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/3763-1/"}, {"source": "cret@cert.org", "tags": ["Mitigation", "Third Party Advisory"], "url": "https://www.a10networks.com/support/security-advisories/tcp-ip-cve-2018-5390-segmentsmack"}, {"source": "cret@cert.org", "tags": ["Third Party Advisory"], "url": "https://www.debian.org/security/2018/dsa-4266"}, {"source": "cret@cert.org", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://www.kb.cert.org/vuls/id/962459"}, {"source": "cret@cert.org", "tags": ["Third Party Advisory"], "url": "https://www.oracle.com/security-alerts/cpujul2020.html"}, {"source": "cret@cert.org", "tags": ["Patch", "Third Party Advisory"], "url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"}, {"source": "cret@cert.org", "tags": ["Third Party Advisory"], "url": "https://www.synology.com/support/security/Synology_SA_18_41"}], "sourceIdentifier": "cret@cert.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-400"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-400"}], "source": "cret@cert.org", "type": "Secondary"}]}

{"acknowledgement": "Red Hat would like to thank Juha-Matti Tilli (Aalto University - Department of Communications and Networking and Nokia Bell Labs) for reporting this issue.", "affected_release": [{"advisory": "RHSA-2018:2390", "cpe": "cpe:/o:redhat:enterprise_linux:6", "package": "kernel-0:2.6.32-754.3.5.el6", "product_name": "Red Hat Enterprise Linux 6", "release_date": "2018-08-14T00:00:00Z"}, {"advisory": "RHSA-2018:2791", "cpe": "cpe:/o:redhat:rhel_aus:6.4", "package": "kernel-0:2.6.32-358.93.1.el6", "product_name": "Red Hat Enterprise Linux 6.4 Advanced Update Support", "release_date": "2018-09-25T00:00:00Z"}, {"advisory": "RHSA-2018:2933", "cpe": "cpe:/o:redhat:rhel_aus:6.5", "package": "kernel-0:2.6.32-431.93.2.el6", "product_name": "Red Hat Enterprise Linux 6.5 Advanced Update Support", "release_date": "2018-10-16T00:00:00Z"}, {"advisory": "RHSA-2018:2924", "cpe": "cpe:/o:redhat:rhel_aus:6.6", "package": "kernel-0:2.6.32-504.76.2.el6", "product_name": "Red Hat Enterprise Linux 6.6 Advanced Update Support", "release_date": "2018-10-16T00:00:00Z"}, {"advisory": "RHSA-2018:2924", "cpe": "cpe:/o:redhat:rhel_tus:6.6", "package": "kernel-0:2.6.32-504.76.2.el6", "product_name": "Red Hat Enterprise Linux 6.6 Telco Extended Update Support", "release_date": "2018-10-16T00:00:00Z"}, {"advisory": "RHSA-2018:2645", "cpe": "cpe:/o:redhat:rhel_eus:6.7", "package": "kernel-0:2.6.32-573.62.1.el6", "product_name": "Red Hat Enterprise Linux 6.7 Extended Update Support", "release_date": "2018-09-04T00:00:00Z"}, {"advisory": "RHSA-2018:2395", "cpe": "cpe:/a:redhat:rhel_extras_rt:7", "package": "kernel-rt-0:3.10.0-862.11.6.rt56.819.el7", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2018-08-14T00:00:00Z"}, {"advisory": "RHSA-2018:2384", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "kernel-0:3.10.0-862.11.6.el7", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2018-08-14T00:00:00Z"}, {"advisory": "RHSA-2018:2948", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "kernel-alt-0:4.14.0-115.el7a", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2018-10-30T00:00:00Z"}, {"advisory": "RHSA-2018:2790", "cpe": "cpe:/o:redhat:rhel_aus:7.2", "package": "kernel-0:3.10.0-327.73.1.el7", "product_name": "Red Hat Enterprise Linux 7.2 Advanced Update Support", "release_date": "2018-09-25T00:00:00Z"}, {"advisory": "RHSA-2018:2790", "cpe": "cpe:/o:redhat:rhel_tus:7.2", "package": "kernel-0:3.10.0-327.73.1.el7", "product_name": "Red Hat Enterprise Linux 7.2 Telco Extended Update Support", "release_date": "2018-09-25T00:00:00Z"}, {"advisory": "RHSA-2018:2790", "cpe": "cpe:/o:redhat:rhel_e4s:7.2", "package": "kernel-0:3.10.0-327.73.1.el7", "product_name": "Red Hat Enterprise Linux 7.2 Update Services for SAP Solutions", "release_date": "2018-09-25T00:00:00Z"}, {"advisory": "RHSA-2018:2785", "cpe": "cpe:/o:redhat:rhel_eus:7.3", "package": "kernel-0:3.10.0-514.58.1.el7", "product_name": "Red Hat Enterprise Linux 7.3 Extended Update Support", "release_date": "2018-09-25T00:00:00Z"}, {"advisory": "RHSA-2018:2776", "cpe": "cpe:/o:redhat:rhel_eus:7.4", "package": "kernel-0:3.10.0-693.39.1.el7", "product_name": "Red Hat Enterprise Linux 7.4 Extended Update Support", "release_date": "2018-09-25T00:00:00Z"}, {"advisory": "RHSA-2018:2789", "cpe": "cpe:/a:redhat:enterprise_mrg:2:server:el6", "package": "kernel-rt-1:3.10.0-693.39.1.rt56.629.el6rt", "product_name": "Red Hat Enterprise MRG 2", "release_date": "2018-09-25T00:00:00Z"}, {"advisory": "RHSA-2018:2402", "cpe": "cpe:/o:redhat:enterprise_linux:7::hypervisor", "package": "rhvm-appliance-0:4.2-20180813.0", "product_name": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 7", "release_date": "2018-08-16T00:00:00Z"}, {"advisory": "RHSA-2018:2403", "cpe": "cpe:/o:redhat:enterprise_linux:7::hypervisor", "package": "redhat-release-virtualization-host-0:4.2-5.2.el7", "product_name": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 7", "release_date": "2018-08-15T00:00:00Z"}, {"advisory": "RHSA-2018:2403", "cpe": "cpe:/o:redhat:enterprise_linux:7::hypervisor", "package": "redhat-virtualization-host-0:4.2-20180813.0", "product_name": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 7", "release_date": "2018-08-15T00:00:00Z"}], "bugzilla": {"description": "kernel: TCP segments with random offsets allow a remote denial of service (SegmentSmack)", "id": "1601704", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601704"}, "csaw": true, "cvss3": {"cvss3_base_score": "7.5", "cvss3_scoring_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "cwe": "CWE-400", "details": ["Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service.", "A flaw named SegmentSmack was found in the way the Linux kernel handled specially crafted TCP packets. A remote attacker could use this flaw to trigger time and calculation expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() functions by sending specially modified packets within ongoing TCP sessions which could lead to a CPU saturation and hence a denial of service on the system. Maintaining the denial of service condition requires continuous two-way TCP sessions to a reachable open port, thus the attacks cannot be performed using spoofed IP addresses."], "name": "CVE-2018-5390", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Will not fix", "impact": "moderate", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}], "public_date": "2018-08-06T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2018-5390\nhttps://nvd.nist.gov/vuln/detail/CVE-2018-5390\nhttps://access.redhat.com/articles/3553061\nhttps://www.kb.cert.org/vuls/id/962459\nhttps://www.spinics.net/lists/netdev/msg514742.html"], "statement": "Red Hat Product Security is aware of this issue. Updates will be released as they become available. For additional information, please refer to the Red Hat Knowledgebase article: https://access.redhat.com/articles/3553061\nThis issue affects the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 6, 7, its real-time kernel, Red Hat Enterprise MRG 2, Red Hat Enterprise Linux 7 for ARM 64, and Red Hat Enterprise Linux 7 for Power 9. Future kernel updates for the respective releases will address this issue.\nThis issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 5, but to a lesser degree. As such, the issue severity for RHEL5 is considered Moderate. This is not currently planned to be addressed in future updates of the product due to its life cycle and the issue severity. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.", "threat_severity": "Important"}