CVE-2018-5391

Published: Sep 6, 2018Modified: Nov 21, 2024

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in IP fragmentation have been discovered and fixed over the years. The current vulnerability (CVE-2018-5391) became exploitable in the Linux kernel with the increase of the IP fragment reassembly queue size.

Affected (130)

Products: Linux: Linux Kernel · Redhat: Enterprise Linux Desktop, Enterprise Linux Server, Enterprise Linux Server Aus, Enterprise Linux Server Eus, Enterprise Linux Server Tus, Enterprise Linux Workstation · Debian: Debian Linux · +4 more

Show all products

Linux: Linux Kernel · Redhat: Enterprise Linux Desktop, Enterprise Linux Server, Enterprise Linux Server Aus, Enterprise Linux Server Eus, Enterprise Linux Server Tus, Enterprise Linux Workstation · Debian: Debian Linux · Canonical: Ubuntu Linux · Microsoft: Windows 10, Windows 7, Windows 8.1, Windows Rt 8.1, Windows Server 2008, Windows Server 2012, Windows Server 2016 · F5: Big Ip Access Policy Manager, Big Ip Advanced Firewall Manager, Big Ip Analytics, Big Ip Application Acceleration Manager, Big Ip Application Security Manager, Big Ip Domain Name System, Big Ip Edge Gateway, Big Ip Fraud Protection Service, Big Ip Global Traffic Manager, Big Ip Link Controller, Big Ip Local Traffic Manager, Big Ip Policy Enforcement Manager, Big Ip Webaccelerator · Siemens: Ruggedcom Rm1224 Firmware, Ruggedcom Rox Ii Firmware, Scalance M 800 Firmware, Scalance S615 Firmware, Scalance Sc 600 Firmware, Scalance W1700 Ieee 802.11ac Firmware, Scalance W700 Ieee 802.11a/b/g/n Firmware, Simatic Net Cp 1242 7 Firmware, Simatic Net Cp 1243 1 Firmware, Simatic Net Cp 1243 7 Lte Eu Firmware, Simatic Net Cp 1243 7 Lte Us Firmware, Simatic Net Cp 1243 8 Irc Firmware, Simatic Net Cp 1542sp 1 Firmware, Simatic Net Cp 1542sp 1 Irc Firmware, Simatic Net Cp 1543 1 Firmware, Simatic Net Cp 1543sp 1 Firmware, Simatic Rf185c Firmware, Simatic Rf186c Firmware, Simatic Rf186ci Firmware, Simatic Rf188 Firmware, Simatic Rf188ci Firmware, Sinema Remote Connect Server Firmware

Linux

1 product

Linux Kernel

Redhat

6 products

Enterprise Linux Desktop

Enterprise Linux Server

Enterprise Linux Server Aus

Enterprise Linux Server Eus

Enterprise Linux Server Tus

Enterprise Linux Workstation

1 product

1 product

7 products

13 products

Big Ip Access Policy Manager

Big Ip Advanced Firewall Manager

Big Ip Analytics

Big Ip Application Acceleration Manager

Big Ip Application Security Manager

Big Ip Domain Name System

Big Ip Edge Gateway

Big Ip Fraud Protection Service

Big Ip Global Traffic Manager

Big Ip Link Controller

Big Ip Local Traffic Manager

Big Ip Policy Enforcement Manager

Big Ip Webaccelerator

Siemens

22 products

Ruggedcom Rm1224 Firmware

Ruggedcom Rox Ii Firmware

Scalance M 800 Firmware

Scalance S615 Firmware

Scalance Sc 600 Firmware

Scalance W1700 Ieee 802.11ac Firmware

Scalance W700 Ieee 802.11a/b/g/n Firmware

Simatic Net Cp 1242 7 Firmware

Simatic Net Cp 1243 1 Firmware

Simatic Net Cp 1243 7 Lte Eu Firmware

Simatic Net Cp 1243 7 Lte Us Firmware

Simatic Net Cp 1243 8 Irc Firmware

Simatic Net Cp 1542sp 1 Firmware

Simatic Net Cp 1542sp 1 Irc Firmware

Simatic Net Cp 1543 1 Firmware

Simatic Net Cp 1543sp 1 Firmware

Simatic Rf185c Firmware

Simatic Rf186c Firmware

Simatic Rf186ci Firmware

Simatic Rf188 Firmware

Simatic Rf188ci Firmware

Sinema Remote Connect Server Firmware

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	From 3.9 to 4.18

Configuration B

20 vulnerable

Vulnerable Software	Affected Versions
Redhat Enterprise Linux Desktop	Version 6.0
Redhat Enterprise Linux Desktop	Version 7.0
Redhat Enterprise Linux Server	Version 6.0
Redhat Enterprise Linux Server	Version 7.0
Redhat Enterprise Linux Server Aus	Version 6.4
Redhat Enterprise Linux Server Aus	Version 6.5
Redhat Enterprise Linux Server Aus	Version 6.6
Redhat Enterprise Linux Server Aus	Version 7.2
Redhat Enterprise Linux Server Aus	Version 7.3
Redhat Enterprise Linux Server Aus	Version 7.4
Redhat Enterprise Linux Server Eus	Version 6.7
Redhat Enterprise Linux Server Eus	Version 7.3
Redhat Enterprise Linux Server Eus	Version 7.4
Redhat Enterprise Linux Server Eus	Version 7.5
Redhat Enterprise Linux Server Tus	Version 6.6
Redhat Enterprise Linux Server Tus	Version 7.2
Redhat Enterprise Linux Server Tus	Version 7.3
Redhat Enterprise Linux Server Tus	Version 7.4
Redhat Enterprise Linux Workstation	Version 6.0
Redhat Enterprise Linux Workstation	Version 7.0

Configuration C

2 vulnerable

Vulnerable Software	Affected Versions
Debian Debian Linux	Version 8.0
Debian Debian Linux	Version 9.0

Configuration D

4 vulnerable

Vulnerable Software	Affected Versions
Canonical Ubuntu Linux	Version 12.04
Canonical Ubuntu Linux	Version 14.04
Canonical Ubuntu Linux	Version 16.04
Canonical Ubuntu Linux	Version 18.04

Configuration E

16 vulnerable

Vulnerable Software	Affected Versions
Microsoft Windows 10	All versions
Microsoft Windows 10	Version 1607
Microsoft Windows 10	Version 1703
Microsoft Windows 10	Version 1709
Microsoft Windows 10	Version 1803
Microsoft Windows 7	All versions
Microsoft Windows 8.1	All versions
Microsoft Windows Rt 8.1	All versions
Microsoft Windows Server 2008	All versions
Microsoft Windows Server 2008	Version r2 sp1
Microsoft Windows Server 2008	Version r2 sp1
Microsoft Windows Server 2012	All versions
Microsoft Windows Server 2012	Version r2
Microsoft Windows Server 2016	All versions
Microsoft Windows Server 2016	Version 1709
Microsoft Windows Server 2016	Version 1803

Configuration F

65 vulnerable

Vulnerable Software	Affected Versions
F5 Big Ip Access Policy Manager	From 11.5.1 to 11.6.5.1
F5 Big Ip Access Policy Manager	From 12.1.0 to 12.1.5
F5 Big Ip Access Policy Manager	From 13.0.0 to 13.1.3
F5 Big Ip Access Policy Manager	From 14.0.0 to 14.0.1.1
F5 Big Ip Access Policy Manager	From 14.1.0 to 14.1.2.4
F5 Big Ip Advanced Firewall Manager	From 11.5.1 to 11.6.5.1
F5 Big Ip Advanced Firewall Manager	From 12.1.0 to 12.1.5
F5 Big Ip Advanced Firewall Manager	From 13.0.0 to 13.1.3
F5 Big Ip Advanced Firewall Manager	From 14.0.0 to 14.0.1.1
F5 Big Ip Advanced Firewall Manager	From 14.1.0 to 14.1.2.4
F5 Big Ip Analytics	From 11.5.1 to 11.6.5.1
F5 Big Ip Analytics	From 12.1.0 to 12.1.5
F5 Big Ip Analytics	From 13.0.0 to 13.1.3
F5 Big Ip Analytics	From 14.0.0 to 14.0.1.1
F5 Big Ip Analytics	From 14.1.0 to 14.1.2.4
F5 Big Ip Application Acceleration Manager	From 11.5.1 to 11.6.5.1
F5 Big Ip Application Acceleration Manager	From 12.1.0 to 12.1.5
F5 Big Ip Application Acceleration Manager	From 13.0.0 to 13.1.3
F5 Big Ip Application Acceleration Manager	From 14.0.0 to 14.0.1.1
F5 Big Ip Application Acceleration Manager	From 14.1.0 to 14.1.2.4
F5 Big Ip Application Security Manager	From 11.5.1 to 11.6.5.1
F5 Big Ip Application Security Manager	From 12.1.0 to 12.1.5
F5 Big Ip Application Security Manager	From 13.0.0 to 13.1.3
F5 Big Ip Application Security Manager	From 14.0.0 to 14.0.1.1
F5 Big Ip Application Security Manager	From 14.1.0 to 14.1.2.4
F5 Big Ip Domain Name System	From 11.5.1 to 11.6.5.1
F5 Big Ip Domain Name System	From 12.1.0 to 12.1.5
F5 Big Ip Domain Name System	From 13.0.0 to 13.1.3
F5 Big Ip Domain Name System	From 14.0.0 to 14.0.1.1
F5 Big Ip Domain Name System	From 14.1.0 to 14.1.2.4
F5 Big Ip Edge Gateway	From 11.5.1 to 11.6.5.1
F5 Big Ip Edge Gateway	From 12.1.0 to 12.1.5
F5 Big Ip Edge Gateway	From 13.0.0 to 13.1.3
F5 Big Ip Edge Gateway	From 14.0.0 to 14.0.1.1
F5 Big Ip Edge Gateway	From 14.1.0 to 14.1.2.4
F5 Big Ip Fraud Protection Service	From 11.5.1 to 11.6.5.1
F5 Big Ip Fraud Protection Service	From 12.1.0 to 12.1.5
F5 Big Ip Fraud Protection Service	From 13.0.0 to 13.1.3
F5 Big Ip Fraud Protection Service	From 14.0.0 to 14.0.1.1
F5 Big Ip Fraud Protection Service	From 14.1.0 to 14.1.2.4
F5 Big Ip Global Traffic Manager	From 11.5.1 to 11.6.5.1
F5 Big Ip Global Traffic Manager	From 12.1.0 to 12.1.5
F5 Big Ip Global Traffic Manager	From 13.0.0 to 13.1.3
F5 Big Ip Global Traffic Manager	From 14.0.0 to 14.0.1.1
F5 Big Ip Global Traffic Manager	From 14.1.0 to 14.1.2.4
F5 Big Ip Link Controller	From 11.5.1 to 11.6.5.1
F5 Big Ip Link Controller	From 12.1.0 to 12.1.5
F5 Big Ip Link Controller	From 13.0.0 to 13.1.3
F5 Big Ip Link Controller	From 14.0.0 to 14.0.1.1
F5 Big Ip Link Controller	From 14.1.0 to 14.1.2.4
F5 Big Ip Local Traffic Manager	From 11.5.1 to 11.6.5.1
F5 Big Ip Local Traffic Manager	From 12.1.0 to 12.1.5
F5 Big Ip Local Traffic Manager	From 13.0.0 to 13.1.3
F5 Big Ip Local Traffic Manager	From 14.0.0 to 14.0.1.1
F5 Big Ip Local Traffic Manager	From 14.1.0 to 14.1.2.4
F5 Big Ip Policy Enforcement Manager	From 11.5.1 to 11.6.5.1
F5 Big Ip Policy Enforcement Manager	From 12.1.0 to 12.1.5
F5 Big Ip Policy Enforcement Manager	From 13.0.0 to 13.1.3
F5 Big Ip Policy Enforcement Manager	From 14.0.0 to 14.0.1.1
F5 Big Ip Policy Enforcement Manager	From 14.1.0 to 14.1.2.4
F5 Big Ip Webaccelerator	From 11.5.1 to 11.6.5.1
F5 Big Ip Webaccelerator	From 12.1.0 to 12.1.5
F5 Big Ip Webaccelerator	From 13.0.0 to 13.1.3
F5 Big Ip Webaccelerator	From 14.0.0 to 14.0.1.1
F5 Big Ip Webaccelerator	From 14.1.0 to 14.1.2.4

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Ruggedcom Rm1224 Firmware	Before 6.1

Running on/with	Platform Versions
Siemens Ruggedcom Rm1224	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Ruggedcom Rox Ii Firmware	Before 2.13.3

Running on/with	Platform Versions
Siemens Ruggedcom Rox Ii	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance M 800 Firmware	Before 6.1

Running on/with	Platform Versions
Siemens Scalance M 800	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance S615 Firmware	Before 6.1

Running on/with	Platform Versions
Siemens Scalance S615	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance Sc 600 Firmware	Before 2.0

Running on/with	Platform Versions
Siemens Scalance Sc 600	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance W1700 Ieee 802.11ac Firmware	Before 2.0

Running on/with	Platform Versions
Siemens Scalance W1700 Ieee 802.11ac	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Scalance W700 Ieee 802.11a/b/g/n Firmware	Before 6.4

Running on/with	Platform Versions
Siemens Scalance W700 Ieee 802.11a/b/g/n	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Simatic Net Cp 1242 7 Firmware	Before 3.2

Running on/with	Platform Versions
Siemens Simatic Net Cp 1242 7	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Simatic Net Cp 1243 1 Firmware	Before 3.2

Running on/with	Platform Versions
Siemens Simatic Net Cp 1243 1	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Simatic Net Cp 1243 7 Lte Eu Firmware	Before 3.2

Running on/with	Platform Versions
Siemens Simatic Net Cp 1243 7 Lte Eu	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Simatic Net Cp 1243 7 Lte Us Firmware	Before 3.2

Running on/with	Platform Versions
Siemens Simatic Net Cp 1243 7 Lte Us	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Simatic Net Cp 1243 8 Irc Firmware	Before 3.2

Running on/with	Platform Versions
Siemens Simatic Net Cp 1243 8 Irc	All versions

Configuration S

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Simatic Net Cp 1542sp 1 Firmware	Before 2.1

Running on/with	Platform Versions
Siemens Simatic Net Cp 1542sp 1	All versions

Configuration T

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Simatic Net Cp 1542sp 1 Irc Firmware	Before 2.1

Running on/with	Platform Versions
Siemens Simatic Net Cp 1542sp 1 Irc	All versions

Configuration U

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Simatic Net Cp 1543 1 Firmware	Before 2.2

Running on/with	Platform Versions
Siemens Simatic Net Cp 1543 1	All versions

Configuration V

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Simatic Net Cp 1543sp 1 Firmware	Before 2.1

Running on/with	Platform Versions
Siemens Simatic Net Cp 1543sp 1	All versions

Configuration W

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Simatic Rf185c Firmware	Before 1.3

Running on/with	Platform Versions
Siemens Simatic Rf185c	All versions

Configuration X

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Simatic Rf186c Firmware	Before 1.3

Running on/with	Platform Versions
Siemens Simatic Rf186c	All versions

Configuration Y

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Simatic Rf186ci Firmware	Before 1.3

Running on/with	Platform Versions
Siemens Simatic Rf186ci	All versions

Configuration Z

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Simatic Rf188 Firmware	Before 1.3

Running on/with	Platform Versions
Siemens Simatic Rf188	All versions

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Simatic Rf188ci Firmware	Before 1.3

Running on/with	Platform Versions
Siemens Simatic Rf188ci	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Siemens Sinema Remote Connect Server Firmware	From 1.1 to 2.0.1

Running on/with	Platform Versions
Siemens Sinema Remote Connect Server	All versions

Related CWEs

CWE-20

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

CWE-400

Uncontrolled Resource Consumption

The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.

References (70)

http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-004.txt

Source: cret@cert.org

Third Party Advisory

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-linux-en

Source: cret@cert.org

Broken Link

http://www.openwall.com/lists/oss-security/2019/06/28/2

Source: cret@cert.org

Mailing ListThird Party Advisory

http://www.openwall.com/lists/oss-security/2019/07/06/3

Source: cret@cert.org

Mailing ListThird Party Advisory

http://www.openwall.com/lists/oss-security/2019/07/06/4

Source: cret@cert.org

Mailing ListThird Party Advisory

http://www.securityfocus.com/bid/105108

Source: cret@cert.org

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1041476

Source: cret@cert.org

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1041637

Source: cret@cert.org

Third Party AdvisoryVDB Entry

https://access.redhat.com/errata/RHSA-2018:2785

Source: cret@cert.org

Third Party Advisory

https://access.redhat.com/errata/RHSA-2018:2791

Source: cret@cert.org

Third Party Advisory

https://access.redhat.com/errata/RHSA-2018:2846

Source: cret@cert.org

Third Party Advisory

https://access.redhat.com/errata/RHSA-2018:2924

Source: cret@cert.org

Third Party Advisory

https://access.redhat.com/errata/RHSA-2018:2925

Source: cret@cert.org

Third Party Advisory

https://access.redhat.com/errata/RHSA-2018:2933

Source: cret@cert.org

Third Party Advisory

https://access.redhat.com/errata/RHSA-2018:2948

Source: cret@cert.org

Third Party Advisory

https://access.redhat.com/errata/RHSA-2018:3083

Source: cret@cert.org

Third Party Advisory

https://access.redhat.com/errata/RHSA-2018:3096

Source: cret@cert.org

Third Party Advisory

https://access.redhat.com/errata/RHSA-2018:3459

Source: cret@cert.org

Third Party Advisory

https://access.redhat.com/errata/RHSA-2018:3540

Source: cret@cert.org

Third Party Advisory

https://access.redhat.com/errata/RHSA-2018:3586

Source: cret@cert.org

Third Party Advisory

https://access.redhat.com/errata/RHSA-2018:3590

Source: cret@cert.org

Third Party Advisory

https://cert-portal.siemens.com/productcert/pdf/ssa-377115.pdf

Source: cret@cert.org

Third Party Advisory

https://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next.git/commit/?id=c30f1fc041b74ecdb072dd44f858750414b8b19f

Source: cret@cert.org

PatchVendor Advisory

https://lists.debian.org/debian-lts-announce/2018/08/msg00014.html

Source: cret@cert.org

Mailing ListMitigationThird Party Advisory

https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html

Source: cret@cert.org

Mailing ListThird Party Advisory

https://security.netapp.com/advisory/ntap-20181003-0002/

Source: cret@cert.org

Third Party Advisory

https://support.f5.com/csp/article/K74374841?utm_source=f5support&amp%3Butm_medium=RSS

Source: cret@cert.org

https://usn.ubuntu.com/3740-1/

Source: cret@cert.org

Third Party Advisory

https://usn.ubuntu.com/3740-2/

Source: cret@cert.org

Third Party Advisory

https://usn.ubuntu.com/3741-1/

Source: cret@cert.org

Third Party Advisory

https://usn.ubuntu.com/3741-2/

Source: cret@cert.org

Third Party Advisory

https://usn.ubuntu.com/3742-1/

Source: cret@cert.org

Third Party Advisory

https://usn.ubuntu.com/3742-2/

Source: cret@cert.org

Third Party Advisory

https://www.debian.org/security/2018/dsa-4272

Source: cret@cert.org

MitigationThird Party Advisory

https://www.kb.cert.org/vuls/id/641765

Source: cret@cert.org

Third Party AdvisoryUS Government Resource

http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-004.txt