Attacker Value
Unknown
CVE-2018-5391
CVE-2018-5391
(Last updated November 08, 2023) ▾
MITRE ATT&CK
Log in to add MITRE ATT&CK tag
Add MITRE ATT&CK tactics and techniques that apply to this CVE.
Description
The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in IP fragmentation have been discovered and fixed over the years. The current vulnerability (CVE-2018-5391) became exploitable in the Linux kernel with the increase of the IP fragment reassembly queue size.
Add Assessment
No one has assessed this topic. Be the first to add your voice to the community.
CVSS V3 Severity and Metrics
Data provided by the National Vulnerability Database (NVD)
Base Score:
7.5 High
Impact Score:
3.6
Exploitability Score:
3.9
Attack Vector (AV):
Network
Attack Complexity (AC):
Low
Privileges Required (PR):
None
User Interaction (UI):
None
Scope (S):
Unchanged
Confidentiality (C):
None
Integrity (I):
None
Availability (A):
High
General Information
Vendors
- canonical,
- debian,
- f5,
- linux,
- microsoft,
- redhat,
- siemens
Products
- big-ip access policy manager,
- big-ip advanced firewall manager,
- big-ip analytics,
- big-ip application acceleration manager,
- big-ip application security manager,
- big-ip domain name system,
- big-ip edge gateway,
- big-ip fraud protection service,
- big-ip global traffic manager,
- big-ip link controller,
- big-ip local traffic manager,
- big-ip policy enforcement manager,
- big-ip webaccelerator,
- debian linux 8.0,
- debian linux 9.0,
- enterprise linux desktop 6.0,
- enterprise linux desktop 7.0,
- enterprise linux server 6.0,
- enterprise linux server 7.0,
- enterprise linux server aus 6.4,
- enterprise linux server aus 6.5,
- enterprise linux server aus 6.6,
- enterprise linux server aus 7.2,
- enterprise linux server aus 7.3,
- enterprise linux server aus 7.4,
- enterprise linux server eus 6.7,
- enterprise linux server eus 7.3,
- enterprise linux server eus 7.4,
- enterprise linux server eus 7.5,
- enterprise linux server tus 6.6,
- enterprise linux server tus 7.2,
- enterprise linux server tus 7.3,
- enterprise linux server tus 7.4,
- enterprise linux workstation 6.0,
- enterprise linux workstation 7.0,
- linux kernel,
- ruggedcom rm1224 firmware,
- ruggedcom rox ii firmware,
- scalance m-800 firmware,
- scalance s615 firmware,
- scalance sc-600 firmware,
- scalance w1700 ieee 802.11ac firmware,
- scalance w700 ieee 802.11a/b/g/n firmware,
- simatic net cp 1242-7 firmware,
- simatic net cp 1243-1 firmware,
- simatic net cp 1243-7 lte eu firmware,
- simatic net cp 1243-7 lte us firmware,
- simatic net cp 1243-8 irc firmware,
- simatic net cp 1542sp-1 firmware,
- simatic net cp 1542sp-1 irc firmware,
- simatic net cp 1543-1 firmware,
- simatic net cp 1543sp-1 firmware,
- simatic rf185c firmware,
- simatic rf186c firmware,
- simatic rf186ci firmware,
- simatic rf188 firmware,
- simatic rf188ci firmware,
- sinema remote connect server firmware,
- ubuntu linux 12.04,
- ubuntu linux 14.04,
- ubuntu linux 16.04,
- ubuntu linux 18.04,
- windows 10 -,
- windows 10 1607,
- windows 10 1703,
- windows 10 1709,
- windows 10 1803,
- windows 7 -,
- windows 8.1 -,
- windows rt 8.1 -,
- windows server 2008 -,
- windows server 2008 r2,
- windows server 2012 -,
- windows server 2012 r2,
- windows server 2016 -,
- windows server 2016 1709,
- windows server 2016 1803
References
Advisory
