CVE-2018-5390

CWE-400Uncontrolled Resource Consumption16 documents9 sources
Severity
7.5HIGH
EPSS
11.4%
top 6.43%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
34
Linux Linux KernelHP Aruba Airwave AMPF5 Big-ip Access Policy Manager+31 more
Timeline
PublishedAug 6
Latest updateMay 13

Description

Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages31 packages

CVEListV5linux/linux_kernel4.94.9*
NVDlinux/linux_kernel4.94.18+1
Debianlinux< 4.17.14-1+3
NVDf5/big-ip_fraud_protection_service11.5.111.6.3+3

Also affects: Debian Linux 8.0, 9.0, Ubuntu Linux 12.04, 14.04, 16.04, 18.04, Enterprise Linux 6.4, 6.5, 6.6, 7.2, 7.3, 7.4, 6.7, 7.5

Patches

Patch: git.kernel.orgPatch: www.oracle.comPatch: git.kernel.org

🔴Vulnerability Details

3
GHSA
GHSA-grv8-gqh3-fmc9: Linux kernel versions 42022-05-13
OSV
CVE-2018-5390: Linux kernel versions 42018-08-06
CVEList
Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service2018-08-06

📋Vendor Advisories

10
Ubuntu
Linux kernel vulnerability2018-09-11
Cisco
Linux and FreeBSD Kernels TCP Reassembly Denial of Service Vulnerabilities Affecting Cisco Products: August 20182018-08-24
Ubuntu
Linux kernel vulnerabilities2018-08-14
Ubuntu
Linux kernel (Xenial HWE) vulnerabilities2018-08-14
Ubuntu
Linux kernel (Trusty HWE) vulnerabilities2018-08-14

💬Community

2
Bugzilla
CVE-2018-5390 kernel: TCP segments with random offsets allow a remote denial of service (SegmentSmack) [fedora-all]2018-08-06
Bugzilla
CVE-2018-5390 kernel: TCP segments with random offsets allow a remote denial of service (SegmentSmack)2018-07-17