Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.5
CVSSv3

CVE-2018-5390

Published: 06/08/2018 Updated: 07/11/2023
CVSS v2 Base Score: 7.8 | Impact Score: 6.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 694
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Subscribe to Enterprise Linux Desktop

Vulnerability Summary

Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

redhat enterprise linux desktop 7.0

redhat enterprise linux server aus 7.2

redhat enterprise linux workstation 7.0

redhat enterprise linux server tus 7.2

redhat enterprise linux server 7.0

redhat enterprise linux server aus 6.6

redhat enterprise linux server eus 7.2

redhat enterprise linux server aus 6.5

redhat enterprise linux server aus 6.4

redhat enterprise linux server tus 7.3

redhat enterprise linux server aus 7.3

redhat enterprise linux server aus 7.4

redhat enterprise linux server eus 7.3

redhat enterprise linux server eus 7.4

redhat virtualization 4.0

redhat enterprise linux server tus 7.4

redhat enterprise linux server eus 7.5

redhat enterprise linux server eus 6.4

redhat enterprise linux server eus 6.7

redhat enterprise linux server tus 6.6

linux linux kernel

linux linux kernel 4.18

canonical ubuntu linux 16.04

canonical ubuntu linux 14.04

canonical ubuntu linux 12.04

canonical ubuntu linux 18.04

debian debian linux 8.0

debian debian linux 9.0

hp aruba clearpass policy manager

hp aruba airwave amp

f5 big-ip application acceleration manager

f5 big-ip advanced firewall manager

f5 big-ip analytics

f5 big-ip access policy manager

f5 big-ip application security manager

f5 big-ip link controller

f5 big-ip policy enforcement manager

f5 big-ip edge gateway

f5 big-ip global traffic manager

f5 big-ip webaccelerator

f5 big-ip local traffic manager

f5 big-ip domain name system

f5 big-ip fraud protection service

f5 big-ip local traffic manager 14.0.0

f5 big-ip application acceleration manager 14.0.0

f5 big-ip advanced firewall manager 14.0.0

f5 big-ip analytics 14.0.0

f5 big-ip access policy manager 14.0.0

f5 big-ip application security manager 14.0.0

f5 big-ip domain name system 14.0.0

f5 big-ip edge gateway 14.0.0

f5 big-ip fraud protection service 14.0.0

f5 big-ip global traffic manager 14.0.0

f5 big-ip link controller 14.0.0

f5 big-ip policy enforcement manager 14.0.0

f5 big-ip webaccelerator 14.0.0

f5 traffix systems signaling delivery controller 4.4.0

f5 traffix systems signaling delivery controller

a10networks advanced core operating system 3.2.2

a10networks advanced core operating system 4.1.0

a10networks advanced core operating system 4.1.1

a10networks advanced core operating system 4.1.2

a10networks advanced core operating system 4.1.4

cisco meeting management 1.0.1

cisco meeting management 1.0

cisco expressway series -

cisco collaboration meeting rooms 1.0

cisco webex video mesh -

cisco webex hybrid data security -

cisco network assurance engine 2.1\\(1a\\)

cisco digital network architecture center 1.2

cisco threat grid-cloud -

cisco expressway x8.10

cisco expressway x8.10.1

cisco expressway x8.10.2

cisco expressway x8.10.3

cisco expressway x8.10.4

cisco expressway x8.11

cisco telepresence_video_communication_server_firmware x8.10

cisco telepresence_video_communication_server_firmware x8.10.1

cisco telepresence_video_communication_server_firmware x8.10.2

cisco telepresence_video_communication_server_firmware x8.10.3

cisco telepresence_video_communication_server_firmware x8.10.4

cisco telepresence_video_communication_server_firmware x8.11

cisco telepresence_conductor_firmware xc4.3

cisco telepresence_conductor_firmware xc4.3.1

cisco telepresence_conductor_firmware xc4.3.2

cisco telepresence_conductor_firmware xc4.3.3

cisco telepresence_conductor_firmware xc4.3.4

Vendor Advisories

Debian CVElist Bug Report Logs: linux: CVE-2018-5390
Debian Bug report logs - #905751 linux: CVE-2018-5390 Package: src:linux; Maintainer for src:linux is Debian Kernel Team <debian-kernel@listsdebianorg>; Reported by: "Jamie" <darkshad9999@gmailcom> Date: Wed, 8 Aug 2018 22:45:02 UTC Severity: grave Merged with 905966 Found in versions linux/49110-1~deb8u1, li ...
Amazon Linux AMI: ALAS-2018-1049
Linux kernel versions 49+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service An attacker can induce a denial of service condition by sending specially modified packets within ongoing TCP sessions Maintaining the denial of service conditi ...
Amazon Linux 2: ALAS2-2018-1050
Linux kernel versions 49+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service An attacker can induce a denial of service condition by sending specially modified packets within ongoing TCP sessions Maintaining the denial of service conditi ...
Red Hat: Important: kernel security and bug fix update
Synopsis Important: kernel security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 72 Advanced Update Support, Red Hat Enterprise Linux 72 Telco Extended Update Support, and Red Hat Enterprise Linux 72 Update Services ...
Red Hat: Important: kernel security and bug fix update
Synopsis Important: kernel security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 74 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerabili ...
Red Hat: Important: kernel-rt security and bug fix update
Synopsis Important: kernel-rt security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel-rt is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (C ...
Red Hat: Important: kernel security and bug fix update
Synopsis Important: kernel security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 66 Advanced Update Support and Red Hat Enterprise Linux 66 Telco Extended Update SupportRed Hat Product Security has rated this update ...
Red Hat: Important: kernel security and bug fix update
Synopsis Important: kernel security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) b ...
Red Hat: Important: rhvm-appliance security update
Synopsis Important: rhvm-appliance security update Type/Severity Security Advisory: Important Topic An update for rhvm-appliance is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vuln ...
Red Hat: Important: kernel-rt security and bug fix update
Synopsis Important: kernel-rt security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel-rt is now available for Red Hat Enterprise MRG 2Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVS ...
Red Hat: Important: kernel security and bug fix update
Synopsis Important: kernel security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 73 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerabili ...
Red Hat: Important: kernel security and bug fix update
Synopsis Important: kernel security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 65 Advanced Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerabili ...
Red Hat: Important: kernel security and bug fix update
Synopsis Important: kernel security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 64 Advanced Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerabili ...
Red Hat: Important: kernel security and bug fix update
Synopsis Important: kernel security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 6Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) b ...
Red Hat: Important: kernel security update
Synopsis Important: kernel security update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 67 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring S ...
Red Hat: Important: redhat-virtualization-host security update
Synopsis Important: redhat-virtualization-host security update Type/Severity Security Advisory: Important Topic An update for redhat-release-virtualization-host and redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7Red Hat Product Security has rated this ...
Red Hat: Important: kernel-alt security, bug fix, and enhancement update
Synopsis Important: kernel-alt security, bug fix, and enhancement update Type/Severity Security Advisory: Important Topic An update for kernel-alt is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability S ...
Ubuntu Security Notice: linux regressions
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: linux, linux-aws, linux-azure, linux-gcp, linux-kvm, linux-oem, linux-raspi2 vulnerability
The system could be made unavailable if it received specially crafted network traffic ...
Ubuntu Security Notice: linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: linux vulnerability
The system could be made to crash if it received specially crafted network traffic ...
Ubuntu Security Notice: linux vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: linux-lts-trusty vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: linux-lts-xenial, linux-aws vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: linux-lts-trusty regressions
USN-3742-2 introduced regressions in the Linux Hardware Enablement (HWE) kernel for Ubuntu 1204 ESM ...
Ubuntu Security Notice: linux-hwe, linux-azure, linux-gcp vulnerability
The system could be made unavailable if it received specially crafted network traffic ...
Red Hat: CVE-2018-5390
A flaw named SegmentSmack was found in the way the Linux kernel handled specially crafted TCP packets A remote attacker could use this flaw to trigger time and calculation expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() functions by sending specially modified packets within ongoing TCP sessions which could lead to a CPU satur ...
Cisco: Linux and FreeBSD Kernels TCP Reassembly Denial of Service Vulnerabilities Affecting Cisco Products: August 2018
On August 6, 2018, the Vulnerability Coordination team of the National Cyber Security Centre of Finland (NCSC-FI) and the CERT Coordination Center (CERT/CC) disclosed vulnerabilities in the TCP stacks that are used by the Linux and FreeBSD kernels These vulnerabilities are publicly known as SegmentSmack The vulnerabilities could allow an unauthen ...
Arch Linux Issues:
A flaw named SegmentSmack was found in the way the Linux kernel handled specially crafted TCP packets A remote attacker could use this flaw to trigger time and calculation expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() functions by sending specially modified packets within ongoing TCP sessions which could lead to a CPU satur ...
Huawei Security Advisories: Security Advisory - SegmentSmack Vulnerability in Linux Kernel
There is a DoS vulnerability in the Linux Kernel versions 49+ known as a SegmentSmack attack Remote attackers may send TCP packets to Linux kernel to make it calls the very expensive functions tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() of the affected device which can lead to a denial of service Maintaining the denial of service conditio ...
Palo Alto Networks Security Advisory: CVE-2018-5390 Information about SegmentSmack findings
CVE-2018-5390 Information about SegmentSmack findings ...

Mailing Lists

Full Disclosure: Re: linux-distros membership application - Microsoft
<!--X-Body-Begin--> <!--X-User-Header--> oss-sec mailing list archives <!--X-User-Header-End--> <!--X-TopPNI--> By Date By Thread </form> <!--X-TopPNI-End--> <!--X-MsgBody--> <!--X-Subject-Header-Begin--> Re: linux-distros membership application - Microsoft <!--X-Subject-Header-End--> <!--X-Head-of-Message--> From: Sasha Levin ...

Recent Articles

Batten down the ports: Linux networking bug SegmentSmack could remotely crash systems
The Register • John Leyden • 07 Aug 2018

Patches incoming for kernel versions 4.9 and up

A networking flaw has been discovered in the Linux kernel that could trigger a remote denial-of-service attack. Versions 4.9 and up are "vulnerable to denial-of-service conditions with low rates of specially crafted packets", according to a US-CERT advisory this week. The bug is being tracked as SegmentSmack (CVE-2018-5390). SegmentSmack – which sounds a bit like an American wrestler whose speciality is to close bouts just before an ad break – has prompted fixes for a wide variety of network...

Read more...

References

CWE-400https://www.kb.cert.org/vuls/id/962459https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=1a4f14bab1868b443f0dd3c55b689a478f82e72ehttps://www.synology.com/support/security/Synology_SA_18_41https://www.debian.org/security/2018/dsa-4266https://usn.ubuntu.com/3732-2/https://usn.ubuntu.com/3732-1/http://www.securitytracker.com/id/1041424http://www.securityfocus.com/bid/104976http://www.securitytracker.com/id/1041434https://usn.ubuntu.com/3742-2/https://usn.ubuntu.com/3742-1/https://usn.ubuntu.com/3741-1/https://access.redhat.com/errata/RHSA-2018:2395https://access.redhat.com/errata/RHSA-2018:2384https://security.netapp.com/advisory/ntap-20180815-0003/https://lists.debian.org/debian-lts-announce/2018/08/msg00014.htmlhttps://access.redhat.com/errata/RHSA-2018:2403https://access.redhat.com/errata/RHSA-2018:2402https://usn.ubuntu.com/3741-2/http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-004.txthttps://www.a10networks.com/support/security-advisories/tcp-ip-cve-2018-5390-segmentsmackhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180824-linux-tcphttps://support.f5.com/csp/article/K95343321https://access.redhat.com/errata/RHSA-2018:2645https://usn.ubuntu.com/3763-1/https://access.redhat.com/errata/RHSA-2018:2791https://access.redhat.com/errata/RHSA-2018:2790https://access.redhat.com/errata/RHSA-2018:2789https://access.redhat.com/errata/RHSA-2018:2785https://access.redhat.com/errata/RHSA-2018:2776https://access.redhat.com/errata/RHSA-2018:2933https://access.redhat.com/errata/RHSA-2018:2924https://access.redhat.com/errata/RHSA-2018:2948https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.htmlhttp://www.openwall.com/lists/oss-security/2019/06/28/2http://www.openwall.com/lists/oss-security/2019/07/06/3http://www.openwall.com/lists/oss-security/2019/07/06/4https://cert-portal.siemens.com/productcert/pdf/ssa-377115.pdfhttps://www.oracle.com/security-alerts/cpujul2020.htmlhttp://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181031-02-linux-enhttps://support.f5.com/csp/article/K95343321?utm_source=f5support&%3Butm_medium=RSShttps://bugs.debian.org/cgi-bin/bugreport.cgi?bug=905751https://nvd.nist.govhttps://usn.ubuntu.com/3741-3/https://www.kb.cert.org/vuls/id/962459
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injectionfirmwareCVE-2006-4304CVE-2024-32878CVE-2024-31502XSSCVE-2024-3059CVE-2024-33692CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook