CVE-2018-5391 — HIGH (7.5) — White Hats Nepal

Q: How severe is CVE-2018-5391?

CVE-2018-5391 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2018-5391?

Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel, Redhat Enterprise Linux Desktop, Redhat Enterprise Linux Server, Redhat Enterprise Linux Server Aus, Redhat Enterprise Linux Server Eus.

Vulnerability Description

The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in IP fragmentation have been discovered and fixed over the years. The current vulnerability (CVE-2018-5391) became exploitable in the Linux kernel with the increase of the IP fragment reassembly queue size.

CVSS Score

7.5

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

HIGH

Affected Products

Vendor	Product	Versions
Linux	Linux Kernel	>= 3.9, <= 4.18
Redhat	Enterprise Linux Desktop	6.0
Redhat	Enterprise Linux Server	6.0
Redhat	Enterprise Linux Server Aus	6.4
Redhat	Enterprise Linux Server Eus	6.7
Redhat	Enterprise Linux Server Tus	6.6
Redhat	Enterprise Linux Workstation	6.0
Debian	Debian Linux	8.0
Canonical	Ubuntu Linux	12.04
Microsoft	Windows 10	-
Microsoft	Windows 7	-
Microsoft	Windows 8.1	-
Microsoft	Windows Rt 8.1	-
Microsoft	Windows Server 2008	-
Microsoft	Windows Server 2012	-
Microsoft	Windows Server 2016	-
F5	Big-Ip Access Policy Manager	>= 11.5.1, < 11.6.5.1
F5	Big-Ip Advanced Firewall Manager	>= 11.5.1, < 11.6.5.1
F5	Big-Ip Analytics	>= 11.5.1, < 11.6.5.1
F5	Big-Ip Application Acceleration Manager	>= 11.5.1, < 11.6.5.1

Related Weaknesses (CWE)

CWE-20 CWE-400

References

http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-004.txtThird Party Advisory
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-linux-eBroken Link
http://www.openwall.com/lists/oss-security/2019/06/28/2Mailing ListThird Party Advisory
http://www.openwall.com/lists/oss-security/2019/07/06/3Mailing ListThird Party Advisory
http://www.openwall.com/lists/oss-security/2019/07/06/4Mailing ListThird Party Advisory
http://www.securityfocus.com/bid/105108Third Party AdvisoryVDB Entry
http://www.securitytracker.com/id/1041476Third Party AdvisoryVDB Entry
http://www.securitytracker.com/id/1041637Third Party AdvisoryVDB Entry
https://access.redhat.com/errata/RHSA-2018:2785Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:2791Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:2846Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:2924Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:2925Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:2933Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:2948Third Party Advisory

FAQ

What is CVE-2018-5391?

CVE-2018-5391 is a vulnerability with a CVSS score of 7.5 (HIGH). The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service c...

How severe is CVE-2018-5391?

CVE-2018-5391 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2018-5391?

Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel, Redhat Enterprise Linux Desktop, Redhat Enterprise Linux Server, Redhat Enterprise Linux Server Aus, Redhat Enterprise Linux Server Eus.