The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in IP fragmentation have been discovered and fixed over the years. The current vulnerability (CVE-2018-5391) became exploitable in the Linux kernel with the increase of the IP fragment reassembly queue size.

Metrics

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

This CVE is not in the KEV list.

The EPSS score is 0.03822.

Key SSVC decision points have not yet been added.

Affected Vendors & Products

Vendors Products
Canonical
  • Ubuntu Linux
Debian
  • Debian Linux
F5
  • Big-ip Access Policy Manager
  • Big-ip Advanced Firewall Manager
  • Big-ip Analytics
  • Big-ip Application Acceleration Manager
  • Big-ip Application Security Manager
  • Big-ip Domain Name System
  • Big-ip Edge Gateway
  • Big-ip Fraud Protection Service
  • Big-ip Global Traffic Manager
  • Big-ip Link Controller
  • Big-ip Local Traffic Manager
  • Big-ip Policy Enforcement Manager
  • Big-ip Webaccelerator
Linux
  • Linux Kernel
Microsoft
  • Windows 10
  • Windows 7
  • Windows 8.1
  • Windows Rt 8.1
  • Windows Server 2008
  • Windows Server 2012
  • Windows Server 2016
Redhat
  • Enterprise Linux
  • Enterprise Linux Desktop
  • Enterprise Linux Server
  • Enterprise Linux Server Aus
  • Enterprise Linux Server Eus
  • Enterprise Linux Server Tus
  • Enterprise Linux Workstation
  • Enterprise Mrg
  • Rhel Aus
  • Rhel E4s
  • Rhel Eus
  • Rhel Extras Rt
  • Rhel Tus
Siemens
  • Ruggedcom Rm1224
  • Ruggedcom Rm1224 Firmware
  • Ruggedcom Rox Ii
  • Ruggedcom Rox Ii Firmware
  • Scalance M-800
  • Scalance M-800 Firmware
  • Scalance S615
  • Scalance S615 Firmware
  • Scalance Sc-600
  • Scalance Sc-600 Firmware
  • Scalance W1700 Ieee 802.11ac
  • Scalance W1700 Ieee 802.11ac Firmware
  • Scalance W700 Ieee 802.11a\/b\/g\/n
  • Scalance W700 Ieee 802.11a\/b\/g\/n Firmware
  • Simatic Net Cp 1242-7
  • Simatic Net Cp 1242-7 Firmware
  • Simatic Net Cp 1243-1
  • Simatic Net Cp 1243-1 Firmware
  • Simatic Net Cp 1243-7 Lte Eu
  • Simatic Net Cp 1243-7 Lte Eu Firmware
  • Simatic Net Cp 1243-7 Lte Us
  • Simatic Net Cp 1243-7 Lte Us Firmware
  • Simatic Net Cp 1243-8 Irc
  • Simatic Net Cp 1243-8 Irc Firmware
  • Simatic Net Cp 1542sp-1
  • Simatic Net Cp 1542sp-1 Firmware
  • Simatic Net Cp 1542sp-1 Irc
  • Simatic Net Cp 1542sp-1 Irc Firmware
  • Simatic Net Cp 1543-1
  • Simatic Net Cp 1543-1 Firmware
  • Simatic Net Cp 1543sp-1
  • Simatic Net Cp 1543sp-1 Firmware
  • Simatic Rf185c
  • Simatic Rf185c Firmware
  • Simatic Rf186c
  • Simatic Rf186c Firmware
  • Simatic Rf186ci
  • Simatic Rf186ci Firmware
  • Simatic Rf188
  • Simatic Rf188 Firmware
  • Simatic Rf188ci
  • Simatic Rf188ci Firmware
  • Sinema Remote Connect Server
  • Sinema Remote Connect Server Firmware

Configuration 1 [-]

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Configuration 2 [-]

OR cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:6.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:6.7:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:6.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*

Configuration 3 [-]

OR cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

Configuration 4 [-]

OR cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*

Configuration 5 [-]

OR cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:itanium:*:*
cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2016:1709:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*

Configuration 6 [-]

OR cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*

Configuration 7 [-]

AND
cpe:2.3:o:siemens:ruggedcom_rm1224_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:ruggedcom_rm1224:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND
cpe:2.3:o:siemens:ruggedcom_rox_ii_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:ruggedcom_rox_ii:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND
cpe:2.3:o:siemens:scalance_m-800_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m-800:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND
cpe:2.3:o:siemens:scalance_s615_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_s615:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND
cpe:2.3:o:siemens:scalance_sc-600_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_sc-600:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND
cpe:2.3:o:siemens:scalance_w1700_ieee_802.11ac_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_w1700_ieee_802.11ac:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND
cpe:2.3:o:siemens:scalance_w700_ieee_802.11a\/b\/g\/n_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_w700_ieee_802.11a\/b\/g\/n:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND
cpe:2.3:o:siemens:simatic_net_cp_1242-7_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_net_cp_1242-7:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND
cpe:2.3:o:siemens:simatic_net_cp_1243-1_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_net_cp_1243-1:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND
cpe:2.3:o:siemens:simatic_net_cp_1243-7_lte_eu_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_net_cp_1243-7_lte_eu:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND
cpe:2.3:o:siemens:simatic_net_cp_1243-7_lte_us_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_net_cp_1243-7_lte_us:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND
cpe:2.3:o:siemens:simatic_net_cp_1243-8_irc_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_net_cp_1243-8_irc:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND
cpe:2.3:o:siemens:simatic_net_cp_1542sp-1_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_net_cp_1542sp-1:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND
cpe:2.3:o:siemens:simatic_net_cp_1542sp-1_irc_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_net_cp_1542sp-1_irc:-:*:*:*:*:*:*:*

Configuration 21 [-]

AND
cpe:2.3:o:siemens:simatic_net_cp_1543-1_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_net_cp_1543-1:-:*:*:*:*:*:*:*

Configuration 22 [-]

AND
cpe:2.3:o:siemens:simatic_net_cp_1543sp-1_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_net_cp_1543sp-1:-:*:*:*:*:*:*:*

Configuration 23 [-]

AND
cpe:2.3:o:siemens:simatic_rf185c_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_rf185c:-:*:*:*:*:*:*:*

Configuration 24 [-]

AND
cpe:2.3:o:siemens:simatic_rf186c_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_rf186c:-:*:*:*:*:*:*:*

Configuration 25 [-]

AND
cpe:2.3:o:siemens:simatic_rf186ci_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_rf186ci:-:*:*:*:*:*:*:*

Configuration 26 [-]

AND
cpe:2.3:o:siemens:simatic_rf188_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_rf188:-:*:*:*:*:*:*:*

Configuration 27 [-]

AND
cpe:2.3:o:siemens:simatic_rf188ci_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_rf188ci:-:*:*:*:*:*:*:*

Configuration 28 [-]

AND
cpe:2.3:o:siemens:sinema_remote_connect_server_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:sinema_remote_connect_server:-:*:*:*:*:*:*:*
Package CPE Advisory Released Date
Red Hat Enterprise Linux 6
kernel-0:2.6.32-754.6.3.el6 cpe:/o:redhat:enterprise_linux:6 RHSA-2018:2846 2018-10-09T00:00:00Z
Red Hat Enterprise Linux 6.4 Advanced Update Support
kernel-0:2.6.32-358.93.1.el6 cpe:/o:redhat:rhel_aus:6.4 RHSA-2018:2791 2018-09-25T00:00:00Z
Red Hat Enterprise Linux 6.5 Advanced Update Support
kernel-0:2.6.32-431.93.2.el6 cpe:/o:redhat:rhel_aus:6.5 RHSA-2018:2933 2018-10-16T00:00:00Z
Red Hat Enterprise Linux 6.6 Advanced Update Support
kernel-0:2.6.32-504.76.2.el6 cpe:/o:redhat:rhel_aus:6.6 RHSA-2018:2924 2018-10-16T00:00:00Z
Red Hat Enterprise Linux 6.6 Telco Extended Update Support
kernel-0:2.6.32-504.76.2.el6 cpe:/o:redhat:rhel_tus:6.6 RHSA-2018:2924 2018-10-16T00:00:00Z
Red Hat Enterprise Linux 6.7 Extended Update Support
kernel-0:2.6.32-573.65.2.el6 cpe:/o:redhat:rhel_eus:6.7 RHSA-2018:2925 2018-10-17T00:00:00Z
Red Hat Enterprise Linux 7
kernel-rt-0:3.10.0-957.rt56.910.el7 cpe:/a:redhat:rhel_extras_rt:7 RHSA-2018:3096 2018-10-30T00:00:00Z
kernel-alt-0:4.14.0-115.el7a cpe:/o:redhat:enterprise_linux:7 RHSA-2018:2948 2018-10-30T00:00:00Z
kernel-0:3.10.0-957.el7 cpe:/o:redhat:enterprise_linux:7 RHSA-2018:3083 2018-10-30T00:00:00Z
Red Hat Enterprise Linux 7.2 Advanced Update Support
kernel-0:3.10.0-327.76.1.el7 cpe:/o:redhat:rhel_aus:7.2 RHSA-2018:3590 2018-11-13T00:00:00Z
Red Hat Enterprise Linux 7.2 Telco Extended Update Support
kernel-0:3.10.0-327.76.1.el7 cpe:/o:redhat:rhel_tus:7.2 RHSA-2018:3590 2018-11-13T00:00:00Z
Red Hat Enterprise Linux 7.2 Update Services for SAP Solutions
kernel-0:3.10.0-327.76.1.el7 cpe:/o:redhat:rhel_e4s:7.2 RHSA-2018:3590 2018-11-13T00:00:00Z
Red Hat Enterprise Linux 7.3 Extended Update Support
kernel-0:3.10.0-514.58.1.el7 cpe:/o:redhat:rhel_eus:7.3 RHSA-2018:2785 2018-09-25T00:00:00Z
Red Hat Enterprise Linux 7.4 Extended Update Support
kernel-0:3.10.0-693.43.1.el7 cpe:/o:redhat:rhel_eus:7.4 RHSA-2018:3540 2018-11-13T00:00:00Z
Red Hat Enterprise Linux 7.5 Extended Update Support
kernel-0:3.10.0-862.20.2.el7 cpe:/o:redhat:rhel_eus:7.5 RHSA-2018:3459 2018-11-06T00:00:00Z
Red Hat Enterprise MRG 2
kernel-rt-1:3.10.0-693.43.1.rt56.630.el6rt cpe:/a:redhat:enterprise_mrg:2:server:el6 RHSA-2018:3586 2018-11-13T00:00:00Z

No data.

Advisories
Source ID Title
Debian DLA Debian DLA DLA-1466-1 linux-4.9 security update
Debian DLA Debian DLA DLA-1715-1 linux-4.9 security update
Debian DSA Debian DSA DSA-4272-1 linux security update
EUVD EUVD EUVD-2018-17161 The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in IP fragmentation have been discovered and fixed over the years. The current vulnerability (CVE-2018-5391) became exploitable in the Linux kernel with the increase of the IP fragment reassembly queue size.
Ubuntu USN Ubuntu USN USN-3740-1 Linux kernel vulnerabilities
Ubuntu USN Ubuntu USN USN-3740-2 Linux kernel (HWE) vulnerabilities
Ubuntu USN Ubuntu USN USN-3741-1 Linux kernel vulnerabilities
Ubuntu USN Ubuntu USN USN-3741-2 Linux kernel (Xenial HWE) vulnerabilities
Ubuntu USN Ubuntu USN USN-3742-1 Linux kernel vulnerabilities
Ubuntu USN Ubuntu USN USN-3742-2 Linux kernel (Trusty HWE) vulnerabilities
Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References
Link Providers
http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-004.txt cve-icon cve-icon
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-linux-en cve-icon cve-icon
http://www.openwall.com/lists/oss-security/2019/06/28/2 cve-icon cve-icon
http://www.openwall.com/lists/oss-security/2019/07/06/3 cve-icon cve-icon
http://www.openwall.com/lists/oss-security/2019/07/06/4 cve-icon cve-icon
http://www.securityfocus.com/bid/105108 cve-icon cve-icon
http://www.securitytracker.com/id/1041476 cve-icon cve-icon
http://www.securitytracker.com/id/1041637 cve-icon cve-icon
https://access.redhat.com/articles/3553061 cve-icon
https://access.redhat.com/errata/RHSA-2018:2785 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2018:2791 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2018:2846 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2018:2924 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2018:2925 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2018:2933 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2018:2948 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2018:3083 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2018:3096 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2018:3459 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2018:3540 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2018:3586 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2018:3590 cve-icon cve-icon
https://cert-portal.siemens.com/productcert/pdf/ssa-377115.pdf cve-icon cve-icon
https://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next.git/commit/?id=c30f1fc041b74ecdb072dd44f858750414b8b19f cve-icon cve-icon
https://lists.debian.org/debian-lts-announce/2018/08/msg00014.html cve-icon cve-icon
https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2018-5391 cve-icon
https://security.netapp.com/advisory/ntap-20181003-0002/ cve-icon cve-icon
https://support.f5.com/csp/article/K74374841?utm_source=f5support&amp%3Butm_medium=RSS cve-icon cve-icon
https://usn.ubuntu.com/3740-1/ cve-icon cve-icon
https://usn.ubuntu.com/3740-2/ cve-icon cve-icon
https://usn.ubuntu.com/3741-1/ cve-icon cve-icon
https://usn.ubuntu.com/3741-2/ cve-icon cve-icon
https://usn.ubuntu.com/3742-1/ cve-icon cve-icon
https://usn.ubuntu.com/3742-2/ cve-icon cve-icon
https://www.cve.org/CVERecord?id=CVE-2018-5391 cve-icon
https://www.debian.org/security/2018/dsa-4272 cve-icon cve-icon
https://www.kb.cert.org/vuls/id/641765 cve-icon cve-icon cve-icon
History

Tue, 15 Jul 2025 13:45:00 +0000

Type Values Removed Values Added
Metrics epss

{'score': 0.01637}

 epss

{'score': 0.01732}
cve-icon MITRE

Status: PUBLISHED

Assigner: certcc

Published:

Updated: 2024-08-05T05:33:44.368Z

Reserved: 2018-01-12T00:00:00

Link: CVE-2018-5391

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2018-09-06T21:29:00.363

Modified: 2024-11-21T04:08:43.897

Link: CVE-2018-5391

cve-icon Redhat

Severity : Important

Publid Date: 2018-08-14T16:00:00Z

Links: CVE-2018-5391 - Bugzilla

cve-icon OpenCVE Enrichment

No data.