Attacker Value
Unknown
CVE-2018-5390
CVE-2018-5390
(Last updated November 08, 2023) ▾
MITRE ATT&CK
Log in to add MITRE ATT&CK tag
Add MITRE ATT&CK tactics and techniques that apply to this CVE.
Description
Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service.
Add Assessment
No one has assessed this topic. Be the first to add your voice to the community.
CVSS V3 Severity and Metrics
Data provided by the National Vulnerability Database (NVD)
Base Score:
7.5 High
Impact Score:
3.6
Exploitability Score:
3.9
Attack Vector (AV):
Network
Attack Complexity (AC):
Low
Privileges Required (PR):
None
User Interaction (UI):
None
Scope (S):
Unchanged
Confidentiality (C):
None
Integrity (I):
None
Availability (A):
High
General Information
Vendors
- a10networks,
- canonical,
- cisco,
- debian,
- f5,
- hp,
- linux,
- redhat
Products
- advanced core operating system 3.2.2,
- advanced core operating system 4.1.0,
- advanced core operating system 4.1.1,
- advanced core operating system 4.1.2,
- advanced core operating system 4.1.4,
- aruba airwave amp,
- aruba clearpass policy manager,
- big-ip access policy manager,
- big-ip access policy manager 14.0.0,
- big-ip advanced firewall manager,
- big-ip advanced firewall manager 14.0.0,
- big-ip analytics,
- big-ip analytics 14.0.0,
- big-ip application acceleration manager,
- big-ip application acceleration manager 14.0.0,
- big-ip application security manager,
- big-ip application security manager 14.0.0,
- big-ip domain name system,
- big-ip domain name system 14.0.0,
- big-ip edge gateway,
- big-ip edge gateway 14.0.0,
- big-ip fraud protection service,
- big-ip fraud protection service 14.0.0,
- big-ip global traffic manager,
- big-ip global traffic manager 14.0.0,
- big-ip link controller,
- big-ip link controller 14.0.0,
- big-ip local traffic manager,
- big-ip local traffic manager 14.0.0,
- big-ip policy enforcement manager,
- big-ip policy enforcement manager 14.0.0,
- big-ip webaccelerator,
- big-ip webaccelerator 14.0.0,
- collaboration meeting rooms 1.0,
- debian linux 8.0,
- debian linux 9.0,
- digital network architecture center 1.2,
- enterprise linux desktop 7.0,
- enterprise linux server 7.0,
- enterprise linux server aus 6.4,
- enterprise linux server aus 6.5,
- enterprise linux server aus 6.6,
- enterprise linux server aus 7.2,
- enterprise linux server aus 7.3,
- enterprise linux server aus 7.4,
- enterprise linux server eus 6.4,
- enterprise linux server eus 6.7,
- enterprise linux server eus 7.2,
- enterprise linux server eus 7.3,
- enterprise linux server eus 7.4,
- enterprise linux server eus 7.5,
- enterprise linux server tus 6.6,
- enterprise linux server tus 7.2,
- enterprise linux server tus 7.3,
- enterprise linux server tus 7.4,
- enterprise linux workstation 7.0,
- expressway series -,
- expressway x8.10,
- expressway x8.10.1,
- expressway x8.10.2,
- expressway x8.10.3,
- expressway x8.10.4,
- expressway x8.11,
- linux kernel,
- linux kernel 4.18,
- meeting management 1.0,
- meeting management 1.0.1,
- network assurance engine 2.1(1a),
- telepresence conductor firmware xc4.3,
- telepresence conductor firmware xc4.3.1,
- telepresence conductor firmware xc4.3.2,
- telepresence conductor firmware xc4.3.3,
- telepresence conductor firmware xc4.3.4,
- telepresence video communication server firmware x8.10,
- telepresence video communication server firmware x8.10.1,
- telepresence video communication server firmware x8.10.2,
- telepresence video communication server firmware x8.10.3,
- telepresence video communication server firmware x8.10.4,
- telepresence video communication server firmware x8.11,
- threat grid-cloud -,
- traffix systems signaling delivery controller,
- traffix systems signaling delivery controller 4.4.0,
- ubuntu linux 12.04,
- ubuntu linux 14.04,
- ubuntu linux 16.04,
- ubuntu linux 18.04,
- virtualization 4.0,
- webex hybrid data security -,
- webex video mesh -
References
Advisory
Miscellaneous
