Home

CVE-2018-5391

Description

The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in IP fragmentation have been discovered and fixed over the years. The current vulnerability (CVE-2018-5391) became exploitable in the Linux kernel with the increase of the IP fragment reassembly queue size.

Risk Information

Base Score
7.5
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
3.822

Associated Vulnerability

VulnerabilityOS Platform
Linux kernel (LSN-0042-1) linux-image-aws_4.15.0.1019.19_amd64.debLinux
Linux kernel (LSN-0042-1) linux-image-gcp_4.15.0.1017.19_amd64.debLinux
Linux kernel (LSN-0042-1) linux-image-gke_4.15.0.1017.19_amd64.debLinux
Linux kernel (LSN-0042-1) linux-image-kvm_4.15.0.1019.19_amd64.debLinux
Linux kernel (LSN-0042-1) linux-image-oem_4.15.0.1015.17_amd64.debLinux
Linux kernel (LSN-0042-1) linux-image-azure_4.15.0.1021.21_amd64.debLinux
Linux kernel (LSN-0042-1) linux-image-generic_4.15.0.32.34_i386.debLinux
Linux kernel (LSN-0042-1) linux-image-generic_4.15.0.32.34_amd64.debLinux
Linux kernel (LSN-0042-1) linux-image-azure-edge_4.15.0.1021.21_amd64.debLinux
Linux kernel (LSN-0042-1) linux-image-lowlatency_4.15.0.32.34_i386.debLinux
Linux kernel (LSN-0042-1) linux-image-lowlatency_4.15.0.32.34_amd64.debLinux
Linux kernel (LSN-0042-1) linux-image-4.15.0-1017-gcp_4.15.0-1017.18_amd64.debLinux
Linux kernel (LSN-0042-1) linux-image-4.15.0-1019-aws_4.15.0-1019.19_amd64.debLinux
Linux kernel (LSN-0042-1) linux-image-4.15.0-1019-kvm_4.15.0-1019.19_amd64.debLinux
Linux kernel (LSN-0042-1) linux-image-4.15.0-32-generic_4.15.0-32.35_i386.debLinux
Linux kernel (LSN-0042-1) linux-image-4.15.0-32-generic_4.15.0-32.35_amd64.debLinux
Linux kernel (LSN-0042-1) linux-image-4.15.0-32-lowlatency_4.15.0-32.35_i386.debLinux
Linux kernel (LSN-0042-1) linux-image-4.15.0-32-lowlatency_4.15.0-32.35_amd64.debLinux
Linux kernel for Microsoft Azure Cloud systems (USN-3740-2) linux-image-azure_4.15.0.1021.27_amd64.debLinux
Linux kernel for Microsoft Azure Cloud systems (USN-3740-2) linux-image-4.15.0-1017-gcp_4.15.0-1017.18~16.04.1_amd64.debLinux
Linux kernel for Microsoft Azure Cloud systems (USN-3740-2) linux-image-4.15.0-1021-azure_4.15.0-1021.21~16.04.1_amd64.debLinux
Linux kernel for Microsoft Azure Cloud systems (USN-3740-2) linux-image-4.15.0-32-generic_4.15.0-32.35~16.04.1_i386.debLinux
Linux kernel for Microsoft Azure Cloud systems (USN-3740-2) linux-image-4.15.0-32-generic_4.15.0-32.35~16.04.1_amd64.debLinux
Linux kernel for Microsoft Azure Cloud systems (USN-3740-2) linux-image-generic-hwe-16.04_4.15.0.32.54_i386.debLinux
Linux kernel for Microsoft Azure Cloud systems (USN-3740-2) linux-image-generic-hwe-16.04_4.15.0.32.54_amd64.debLinux
Linux kernel for Microsoft Azure Cloud systems (USN-3740-2) linux-image-4.15.0-32-lowlatency_4.15.0-32.35~16.04.1_i386.debLinux
Linux kernel for Microsoft Azure Cloud systems (USN-3740-2) linux-image-4.15.0-32-lowlatency_4.15.0-32.35~16.04.1_amd64.debLinux
Linux kernel for Microsoft Azure Cloud systems (USN-3740-2) linux-image-lowlatency-hwe-16.04_4.15.0.32.54_i386.debLinux
Linux kernel for Microsoft Azure Cloud systems (USN-3740-2) linux-image-lowlatency-hwe-16.04_4.15.0.32.54_amd64.debLinux
Linux kernel (USN-3741-1) linux-image-aws_4.4.0.1065.67_amd64.debLinux
Linux kernel (USN-3741-1) linux-image-kvm_4.4.0.1031.30_amd64.debLinux
Linux kernel (USN-3741-1) linux-image-generic_4.4.0.133.139_i386.debLinux
Linux kernel (USN-3741-1) linux-image-generic_4.4.0.133.139_amd64.debLinux
Linux kernel (USN-3741-1) linux-image-lowlatency_4.4.0.133.139_i386.debLinux
Linux kernel (USN-3741-1) linux-image-lowlatency_4.4.0.133.139_amd64.debLinux
Linux kernel (USN-3741-1) linux-image-4.4.0-1031-kvm_4.4.0-1031.37_amd64.debLinux
Linux kernel (USN-3741-1) linux-image-4.4.0-1065-aws_4.4.0-1065.75_amd64.debLinux
Linux kernel (USN-3741-1) linux-image-4.4.0-133-generic_4.4.0-133.159_i386.debLinux
Linux kernel (USN-3741-1) linux-image-4.4.0-133-generic_4.4.0-133.159_amd64.debLinux
Linux kernel (USN-3741-1) linux-image-4.4.0-133-lowlatency_4.4.0-133.159_i386.debLinux
Linux kernel (USN-3741-1) linux-image-4.4.0-133-lowlatency_4.4.0-133.159_amd64.debLinux
Linux kernel for Amazon Web Services (AWS) systems (USN-3741-2) linux-image-aws_4.4.0.1027.27_amd64.debLinux
Linux kernel for Amazon Web Services (AWS) systems (USN-3741-2) linux-image-4.4.0-1027-aws_4.4.0-1027.30_amd64.debLinux
Linux kernel for Amazon Web Services (AWS) systems (USN-3741-2) linux-image-4.4.0-133-generic_4.4.0-133.159~14.04.1_i386.debLinux
Linux kernel for Amazon Web Services (AWS) systems (USN-3741-2) linux-image-4.4.0-133-generic_4.4.0-133.159~14.04.1_amd64.debLinux
Linux kernel for Amazon Web Services (AWS) systems (USN-3741-2) linux-image-4.4.0-133-lowlatency_4.4.0-133.159~14.04.1_i386.debLinux
Linux kernel for Amazon Web Services (AWS) systems (USN-3741-2) linux-image-4.4.0-133-lowlatency_4.4.0-133.159~14.04.1_amd64.debLinux
Linux kernel (USN-3742-1) linux-image-3.13.0-155-generic_3.13.0-155.205_i386.debLinux
Linux kernel (USN-3742-1) linux-image-3.13.0-155-generic_3.13.0-155.205_amd64.debLinux
Linux kernel (USN-3742-1) linux-image-3.13.0-155-lowlatency_3.13.0-155.205_i386.debLinux
Linux kernel (USN-3742-1) linux-image-3.13.0-155-lowlatency_3.13.0-155.205_amd64.debLinux
Linux kernel (USN-3740-1) linux-image-4.15.0-1017-gcp_4.15.0-1017.18_amd64.debLinux
Linux kernel (USN-3740-1) linux-image-4.15.0-1019-aws_4.15.0-1019.19_amd64.debLinux
Linux kernel (USN-3740-1) linux-image-4.15.0-1019-kvm_4.15.0-1019.19_amd64.debLinux
Linux kernel (USN-3740-1) linux-image-4.15.0-32-generic_4.15.0-32.35_i386.debLinux
Linux kernel (USN-3740-1) linux-image-4.15.0-32-generic_4.15.0-32.35_amd64.debLinux
Linux kernel (USN-3740-1) linux-image-4.15.0-32-lowlatency_4.15.0-32.35_i386.debLinux
Linux kernel (USN-3740-1) linux-image-4.15.0-32-lowlatency_4.15.0-32.35_amd64.debLinux
(RHSA-2018:2785) kernel security and bug fix update kernel-3.10.0-514.58.1.el7.x86_64.rpmLinux
(RHSA-2018:2785) kernel security and bug fix update kernel-abi-whitelists-3.10.0-514.58.1.el7.noarch.rpmLinux
(RHSA-2018:2785) kernel security and bug fix update kernel-debug-3.10.0-514.58.1.el7.x86_64.rpmLinux
(RHSA-2018:2785) kernel security and bug fix update kernel-debug-devel-3.10.0-514.58.1.el7.x86_64.rpmLinux
(RHSA-2018:2785) kernel security and bug fix update kernel-devel-3.10.0-514.58.1.el7.x86_64.rpmLinux
(RHSA-2018:2785) kernel security and bug fix update kernel-doc-3.10.0-514.58.1.el7.noarch.rpmLinux
(RHSA-2018:2785) kernel security and bug fix update kernel-headers-3.10.0-514.58.1.el7.x86_64.rpmLinux
(RHSA-2018:2785) kernel security and bug fix update kernel-tools-3.10.0-514.58.1.el7.x86_64.rpmLinux
(RHSA-2018:2785) kernel security and bug fix update kernel-tools-libs-3.10.0-514.58.1.el7.x86_64.rpmLinux
(RHSA-2018:2785) kernel security and bug fix update kernel-tools-libs-devel-3.10.0-514.58.1.el7.x86_64.rpmLinux
(RHSA-2018:2785) kernel security and bug fix update perf-3.10.0-514.58.1.el7.x86_64.rpmLinux
(RHSA-2018:2785) kernel security and bug fix update python-perf-3.10.0-514.58.1.el7.x86_64.rpmLinux
(RHSA-2018:2846) kernel security and bug fix update kernel-2.6.32-754.6.3.el6.i686.rpmLinux
(RHSA-2018:2846) kernel security and bug fix update kernel-2.6.32-754.6.3.el6.x86_64.rpmLinux
(RHSA-2018:2846) kernel security and bug fix update kernel-abi-whitelists-2.6.32-754.6.3.el6.noarch.rpmLinux
(RHSA-2018:2846) kernel security and bug fix update kernel-debug-2.6.32-754.6.3.el6.i686.rpmLinux
(RHSA-2018:2846) kernel security and bug fix update kernel-debug-2.6.32-754.6.3.el6.x86_64.rpmLinux
(RHSA-2018:2846) kernel security and bug fix update kernel-debug-devel-2.6.32-754.6.3.el6.i686.rpmLinux
(RHSA-2018:2846) kernel security and bug fix update kernel-debug-devel-2.6.32-754.6.3.el6.x86_64.rpmLinux
(RHSA-2018:2846) kernel security and bug fix update kernel-devel-2.6.32-754.6.3.el6.i686.rpmLinux
(RHSA-2018:2846) kernel security and bug fix update kernel-devel-2.6.32-754.6.3.el6.x86_64.rpmLinux
(RHSA-2018:2846) kernel security and bug fix update kernel-doc-2.6.32-754.6.3.el6.noarch.rpmLinux
(RHSA-2018:2846) kernel security and bug fix update kernel-firmware-2.6.32-754.6.3.el6.noarch.rpmLinux
(RHSA-2018:2846) kernel security and bug fix update kernel-headers-2.6.32-754.6.3.el6.i686.rpmLinux
(RHSA-2018:2846) kernel security and bug fix update kernel-headers-2.6.32-754.6.3.el6.x86_64.rpmLinux
(RHSA-2018:2846) kernel security and bug fix update perf-2.6.32-754.6.3.el6.i686.rpmLinux
(RHSA-2018:2846) kernel security and bug fix update perf-2.6.32-754.6.3.el6.x86_64.rpmLinux
(RHSA-2018:2846) kernel security and bug fix update python-perf-2.6.32-754.6.3.el6.i686.rpmLinux
(RHSA-2018:2846) kernel security and bug fix update python-perf-2.6.32-754.6.3.el6.x86_64.rpmLinux
(RHSA-2018:3459) kernel security, bug fix, and enhancement update kernel-3.10.0-862.20.2.el7.x86_64.rpmLinux
(RHSA-2018:3459) kernel security, bug fix, and enhancement update kernel-abi-whitelists-3.10.0-862.20.2.el7.noarch.rpmLinux
(RHSA-2018:3459) kernel security, bug fix, and enhancement update kernel-debug-3.10.0-862.20.2.el7.x86_64.rpmLinux
(RHSA-2018:3459) kernel security, bug fix, and enhancement update kernel-debug-devel-3.10.0-862.20.2.el7.x86_64.rpmLinux
(RHSA-2018:3459) kernel security, bug fix, and enhancement update kernel-devel-3.10.0-862.20.2.el7.x86_64.rpmLinux
(RHSA-2018:3459) kernel security, bug fix, and enhancement update kernel-doc-3.10.0-862.20.2.el7.noarch.rpmLinux
(RHSA-2018:3459) kernel security, bug fix, and enhancement update kernel-headers-3.10.0-862.20.2.el7.x86_64.rpmLinux
(RHSA-2018:3459) kernel security, bug fix, and enhancement update kernel-tools-3.10.0-862.20.2.el7.x86_64.rpmLinux
(RHSA-2018:3459) kernel security, bug fix, and enhancement update kernel-tools-libs-3.10.0-862.20.2.el7.x86_64.rpmLinux
(RHSA-2018:3459) kernel security, bug fix, and enhancement update kernel-tools-libs-devel-3.10.0-862.20.2.el7.x86_64.rpmLinux
(RHSA-2018:3459) kernel security, bug fix, and enhancement update perf-3.10.0-862.20.2.el7.x86_64.rpmLinux
(RHSA-2018:3459) kernel security, bug fix, and enhancement update python-perf-3.10.0-862.20.2.el7.x86_64.rpmLinux
(RHSA-2018:3540) kernel security, bug fix, and enhancement update kernel-abi-whitelists-3.10.0-693.43.1.el7.noarch.rpmLinux
(RHSA-2018:3540) kernel security, bug fix, and enhancement update kernel-doc-3.10.0-693.43.1.el7.noarch.rpmLinux
(RHSA-2018:3590) kernel security and bug fix update kernel-abi-whitelists-3.10.0-327.76.1.el7.noarch.rpmLinux
(RHSA-2018:3590) kernel security and bug fix update kernel-doc-3.10.0-327.76.1.el7.noarch.rpmLinux
Linux kernel (USN-3740-1) linux-image-azure-edge_4.15.0.1021.21_amd64.debLinux
Uncontrolled Resource Consumption Vulnerability (CVE-2018-5391)NCM

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234