The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in IP fragmentation have been discovered and fixed over the years. The current vulnerability (CVE-2018-5391) became exploitable in the Linux kernel with the increase of the IP fragment reassembly queue size.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

References
http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-004.txt
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-linux-en
http://www.openwall.com/lists/oss-security/2019/06/28/2
http://www.openwall.com/lists/oss-security/2019/07/06/3
http://www.openwall.com/lists/oss-security/2019/07/06/4
http://www.securityfocus.com/bid/105108
http://www.securitytracker.com/id/1041476
http://www.securitytracker.com/id/1041637
https://access.redhat.com/articles/3553061
https://access.redhat.com/errata/RHSA-2018:2785
https://access.redhat.com/errata/RHSA-2018:2791
https://access.redhat.com/errata/RHSA-2018:2846
https://access.redhat.com/errata/RHSA-2018:2924
https://access.redhat.com/errata/RHSA-2018:2925
https://access.redhat.com/errata/RHSA-2018:2933
https://access.redhat.com/errata/RHSA-2018:2948
https://access.redhat.com/errata/RHSA-2018:3083
https://access.redhat.com/errata/RHSA-2018:3096
https://access.redhat.com/errata/RHSA-2018:3459
https://access.redhat.com/errata/RHSA-2018:3540
https://access.redhat.com/errata/RHSA-2018:3586
https://access.redhat.com/errata/RHSA-2018:3590
https://cert-portal.siemens.com/productcert/pdf/ssa-377115.pdf
https://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next.git/commit/?id=c30f1fc041b74ecdb072dd44f858750414b8b19f
https://lists.debian.org/debian-lts-announce/2018/08/msg00014.html
https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html
https://nvd.nist.gov/vuln/detail/CVE-2018-5391
https://security.netapp.com/advisory/ntap-20181003-0002/
https://support.f5.com/csp/article/K74374841?utm_source=f5support&amp%3Butm_medium=RSS
https://usn.ubuntu.com/3740-1/
https://usn.ubuntu.com/3740-2/
https://usn.ubuntu.com/3741-1/
https://usn.ubuntu.com/3741-2/
https://usn.ubuntu.com/3742-1/
https://usn.ubuntu.com/3742-2/
https://www.cve.org/CVERecord?id=CVE-2018-5391
https://www.debian.org/security/2018/dsa-4272
https://www.kb.cert.org/vuls/id/641765

History

Tue, 15 Jul 2025 13:45:00 +0000

Type: Metrics

Values Removed: epss {'score': 0.01637}

Values Added: epss {'score': 0.01732}


MITRE

Status: PUBLISHED

Assigner: certcc

Published:

Updated: 2024-08-05T05:33:44.368Z

Reserved: 2018-01-12T00:00:00

Link: CVE-2018-5391

Vulnrichment

No data.

NVD

Status: Modified

Published: 2018-09-06T21:29:00.363

Modified: 2024-11-21T04:08:43.897

Link: CVE-2018-5391

Red Hat

Severity: Important

Public Date: 2018-08-14T16:00:00Z

Links: CVE-2018-5391 - Bugzilla

OpenCVE Enrichment

No data.