Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.8
CVSSv2

CVE-2018-5391

Published: 06/09/2018 Updated: 07/11/2023
CVSS v2 Base Score: 7.8 | Impact Score: 6.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 695
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Subscribe to Linux Kernel

Vulnerability Summary

The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in IP fragmentation have been discovered and fixed over the years. The current vulnerability (CVE-2018-5391) became exploitable in the Linux kernel with the increase of the IP fragment reassembly queue size.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

linux linux kernel

redhat enterprise linux desktop 7.0

redhat enterprise linux server aus 7.2

redhat enterprise linux workstation 7.0

redhat enterprise linux server tus 7.2

redhat enterprise linux server 7.0

redhat enterprise linux server aus 6.6

redhat enterprise linux server aus 6.5

redhat enterprise linux server aus 6.4

redhat enterprise linux desktop 6.0

redhat enterprise linux server 6.0

redhat enterprise linux workstation 6.0

redhat enterprise linux server tus 7.3

redhat enterprise linux server aus 7.3

redhat enterprise linux server aus 7.4

redhat enterprise linux server eus 7.3

redhat enterprise linux server eus 7.4

redhat enterprise linux server tus 7.4

redhat enterprise linux server eus 7.5

redhat enterprise linux server eus 6.7

redhat enterprise linux server tus 6.6

debian debian linux 8.0

debian debian linux 9.0

canonical ubuntu linux 16.04

canonical ubuntu linux 14.04

canonical ubuntu linux 12.04

canonical ubuntu linux 18.04

microsoft windows server 2008 r2

microsoft windows server 2012 r2

microsoft windows 10 1607

microsoft windows 8.1 -

microsoft windows server 2016 -

microsoft windows server 2008 -

microsoft windows 7 -

microsoft windows rt 8.1 -

microsoft windows 10 1703

microsoft windows server 2012 -

microsoft windows 10 -

microsoft windows 10 1709

microsoft windows server 2016 1709

microsoft windows 10 1803

microsoft windows server 2016 1803

f5 big-ip access policy manager

f5 big-ip advanced firewall manager

f5 big-ip analytics

f5 big-ip application acceleration manager

f5 big-ip application security manager

f5 big-ip domain name system

f5 big-ip edge gateway

f5 big-ip fraud protection service

f5 big-ip global traffic manager

f5 big-ip link controller

f5 big-ip policy enforcement manager

f5 big-ip webaccelerator

f5 big-ip local traffic manager

siemens ruggedcom_rm1224_firmware

siemens ruggedcom_rox_ii_firmware

siemens scalance_m-800_firmware

siemens scalance_s615_firmware

siemens scalance_sc-600_firmware

siemens scalance_w1700_ieee_802.11ac_firmware

siemens scalance_w700_ieee_802.11a\\/b\\/g\\/n_firmware

siemens simatic_net_cp_1242-7_firmware

siemens simatic_net_cp_1243-1_firmware

siemens simatic_net_cp_1243-7_lte_eu_firmware

siemens simatic_net_cp_1243-7_lte_us_firmware

siemens simatic_net_cp_1243-8_irc_firmware

siemens simatic_net_cp_1542sp-1_firmware

siemens simatic_net_cp_1542sp-1_irc_firmware

siemens simatic_net_cp_1543-1_firmware

siemens simatic_net_cp_1543sp-1_firmware

siemens simatic_rf185c_firmware

siemens simatic_rf186c_firmware

siemens simatic_rf186ci_firmware

siemens simatic_rf188_firmware

siemens simatic_rf188ci_firmware

siemens sinema_remote_connect_server_firmware

Vendor Advisories

Debian Security Advisories: DSA-4272-1 linux -- security update
CVE-2018-5391 (FragmentSmack) Juha-Matti Tilli discovered a flaw in the way the Linux kernel handled reassembly of fragmented IPv4 and IPv6 packets A remote attacker can take advantage of this flaw to trigger time and calculation expensive fragment reassembly algorithms by sending specially crafted packets, leading to remote de ...
Amazon Linux AMI: ALAS-2018-1058
Fixes for L1Terminal Fault security issues: L1 Terminal Fault-OS/ SMM:Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page fault and side-channel analysis(CVE-2018-3620) L1 Termin ...
Amazon Linux 2: ALAS2-2018-1058
Fixes for L1Terminal Fault security issues: L1 Terminal Fault-OS/ SMM:Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page fault and side-channel analysis(CVE-2018-3620) L1 Termin ...
Red Hat: Important: kernel-rt security and bug fix update
Synopsis Important: kernel-rt security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel-rt is now available for Red Hat Enterprise MRG 2Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVS ...
Red Hat: Important: kernel security, bug fix, and enhancement update
Synopsis Important: kernel security, bug fix, and enhancement update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 74 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Comm ...
Red Hat: Important: kernel security and bug fix update
Synopsis Important: kernel security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 72 Advanced Update Support, Red Hat Enterprise Linux 72 Telco Extended Update Support, and Red Hat Enterprise Linux 72 Update Services ...
Red Hat: Important: kernel security, bug fix, and enhancement update
Synopsis Important: kernel security, bug fix, and enhancement update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring S ...
Red Hat: Important: kernel security and bug fix update
Synopsis Important: kernel security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 6Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) b ...
Red Hat: Important: kernel security and bug fix update
Synopsis Important: kernel security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 66 Advanced Update Support and Red Hat Enterprise Linux 66 Telco Extended Update SupportRed Hat Product Security has rated this update ...
Red Hat: Important: kernel-rt security, bug fix, and enhancement update
Synopsis Important: kernel-rt security, bug fix, and enhancement update Type/Severity Security Advisory: Important Topic An update for kernel-rt is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Sco ...
Red Hat: Important: kernel security and bug fix update
Synopsis Important: kernel security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 73 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerabili ...
Red Hat: Important: kernel security and bug fix update
Synopsis Important: kernel security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 65 Advanced Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerabili ...
Red Hat: Important: kernel security and bug fix update
Synopsis Important: kernel security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 64 Advanced Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerabili ...
Red Hat: Important: kernel security and bug fix update
Synopsis Important: kernel security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 67 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerabili ...
Red Hat: Important: kernel security, bug fix, and enhancement update
Synopsis Important: kernel security, bug fix, and enhancement update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 75 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Comm ...
Red Hat: Important: kernel-alt security, bug fix, and enhancement update
Synopsis Important: kernel-alt security, bug fix, and enhancement update Type/Severity Security Advisory: Important Topic An update for kernel-alt is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability S ...
Red Hat: CVE-2018-5391
A flaw named FragmentSmack was found in the way the Linux kernel handled reassembly of fragmented IPv4 and IPv6 packets A remote attacker could use this flaw to trigger time and calculation expensive fragment reassembly algorithm by sending specially crafted packets which could lead to a CPU saturation and hence a denial of service on the system ...
Cisco: Linux Kernel IP Fragment Reassembly Denial of Service Vulnerability Affecting Cisco Products: August 2018
On August 14, 2018, the Vulnerability Coordination team of the National Cyber Security Centre of Finland (NCSC-FI) and the CERT Coordination Center (CERT/CC) disclosed a vulnerability in the IP stack that is used by the Linux Kernel This vulnerability is publicly known as FragmentSmack The vulnerability could allow an unauthenticated, remote atta ...
Ubuntu Security Notice: linux regressions
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: linux, linux-aws, linux-azure, linux-gcp, linux-kvm, linux-oem, linux-raspi2 vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: linux-hwe, linux-azure, linux-gcp vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: linux vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: linux-lts-trusty vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: linux-lts-xenial, linux-aws vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: linux-lts-trusty regressions
USN-3742-2 introduced regressions in the Linux Hardware Enablement (HWE) kernel for Ubuntu 1204 ESM ...
Arch Linux Issues:
A flaw named FragmentSmack was found in the way the Linux kernel handled reassembly of fragmented IPv4 and IPv6 packets A remote attacker could use this flaw to trigger time and calculation expensive fragment reassembly algorithm by sending specially crafted packets which could lead to a CPU saturation and hence a denial of service on the system ...
Palo Alto Networks Security Advisory: CVE-2018-5391 Information about FragmentSmack findings
CVE-2018-5391 Information about FragmentSmack findings ...

Mailing Lists

Full Disclosure: Re: linux-distros membership application - Microsoft
<!--X-Body-Begin--> <!--X-User-Header--> oss-sec mailing list archives <!--X-User-Header-End--> <!--X-TopPNI--> By Date By Thread </form> <!--X-TopPNI-End--> <!--X-MsgBody--> <!--X-Subject-Header-Begin--> Re: linux-distros membership application - Microsoft <!--X-Subject-Header-End--> <!--X-Head-of-Message--> From: Sasha Levin ...

Github Repositories

https://github.com/chetanshirke/my_ref

URL Refs

#My References ##Applications Centos 5x Cronjob monthly first week "30 23 * * 2 [ date +\%d -le 7 ] &amp;&amp; /var/lib/haproxy/haproxy-geoip" wget dlfedoraprojectorg/pub/epel/5/x86_64/epel-release-5-4noarchrpm wget rpmsfamillecolletcom/enterprise/remi-release-5rpm sudo rpm -Uvh remi-release-5*rpm epel-release-5*rpm Centos 6x wget ht

https://github.com/ozipoetra/natvps-dns

Auto DNS configuration NatVPS Auto setup and configure dns for natvps bash &lt;(curl -Ls githubcom/ozipoetra/natvps-dns/raw/main/confsh) Another useful to optimize natvps connection Priority ipv4 over ipv6 nano /etc/gaiconf # add this to last line precedence ::ffff:0:0/96 100 Adjus

References

CWE-20https://www.kb.cert.org/vuls/id/641765https://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next.git/commit/?id=c30f1fc041b74ecdb072dd44f858750414b8b19fhttps://www.debian.org/security/2018/dsa-4272https://usn.ubuntu.com/3742-2/https://usn.ubuntu.com/3742-1/https://usn.ubuntu.com/3741-2/https://usn.ubuntu.com/3741-1/https://usn.ubuntu.com/3740-2/https://usn.ubuntu.com/3740-1/https://lists.debian.org/debian-lts-announce/2018/08/msg00014.htmlhttp://www.securitytracker.com/id/1041476http://www.securityfocus.com/bid/105108http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-004.txthttp://www.securitytracker.com/id/1041637https://access.redhat.com/errata/RHSA-2018:2791https://access.redhat.com/errata/RHSA-2018:2785https://security.netapp.com/advisory/ntap-20181003-0002/https://access.redhat.com/errata/RHSA-2018:2846https://access.redhat.com/errata/RHSA-2018:2933https://access.redhat.com/errata/RHSA-2018:2925https://access.redhat.com/errata/RHSA-2018:2924https://access.redhat.com/errata/RHSA-2018:3096https://access.redhat.com/errata/RHSA-2018:3083https://access.redhat.com/errata/RHSA-2018:2948https://access.redhat.com/errata/RHSA-2018:3459https://access.redhat.com/errata/RHSA-2018:3590https://access.redhat.com/errata/RHSA-2018:3586https://access.redhat.com/errata/RHSA-2018:3540https://lists.debian.org/debian-lts-announce/2019/03/msg00017.htmlhttp://www.openwall.com/lists/oss-security/2019/06/28/2http://www.openwall.com/lists/oss-security/2019/07/06/3http://www.openwall.com/lists/oss-security/2019/07/06/4http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-linux-enhttps://cert-portal.siemens.com/productcert/pdf/ssa-377115.pdfhttps://support.f5.com/csp/article/K74374841?utm_source=f5support&%3Butm_medium=RSShttps://nvd.nist.govhttps://www.debian.org/security/./dsa-4272https://github.com/chetanshirke/my_refhttps://www.kb.cert.org/vuls/id/641765
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-21987buffer overflowCVE-2024-28890CVE-2024-27574CVE-2024-27347CVE-2024-31450privilegeSSTICVE-2024-31666
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook