Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2018-5391

The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in IP fragmentation have been discovered and fixed over the years. The current vulnerability (CVE-2018-5391) became exploitable in the Linux kernel with the increase of the IP fragment reassembly queue size.

  • Published: Sep 6, 2018
  • Updated: Apr 13, 2023
  • CVE: CVE-2018-5391
  • Severity: High
  • Exploit:

CVSS v3:

  • Severity: High
  • Score: 7.5
  • AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVSS v2:

  • Severity: High
  • Score: 7.8
  • AV:N/AC:L/Au:N/C:N/I:N/A:C

CWEs:

Software From Fixed in
linux / linux_kernel 3.9 4.18.x
redhat / enterprise_linux_desktop 7.0 7.0.x
redhat / enterprise_linux_server_aus 7.2 7.2.x
redhat / enterprise_linux_workstation 7.0 7.0.x
redhat / enterprise_linux_server_tus 7.2 7.2.x
redhat / enterprise_linux_server 7.0 7.0.x
redhat / enterprise_linux_server_aus 6.6 6.6.x
redhat / enterprise_linux_server_aus 6.5 6.5.x
redhat / enterprise_linux_server_aus 6.4 6.4.x
redhat / enterprise_linux_desktop 6.0 6.0.x
redhat / enterprise_linux_server 6.0 6.0.x
redhat / enterprise_linux_workstation 6.0 6.0.x
redhat / enterprise_linux_server_tus 7.3 7.3.x
redhat / enterprise_linux_server_aus 7.3 7.3.x
redhat / enterprise_linux_server_aus 7.4 7.4.x
redhat / enterprise_linux_server_eus 7.3 7.3.x
redhat / enterprise_linux_server_eus 7.4 7.4.x
redhat / enterprise_linux_server_tus 7.4 7.4.x
redhat / enterprise_linux_server_eus 7.5 7.5.x
redhat / enterprise_linux_server_eus 6.7 6.7.x
redhat / enterprise_linux_server_tus 6.6 6.6.x
debian / debian_linux 8.0 8.0.x
debian / debian_linux 9.0 9.0.x
canonical / ubuntu_linux 16.04 16.04.x
canonical / ubuntu_linux 14.04 14.04.x
canonical / ubuntu_linux 12.04 12.04.x
canonical / ubuntu_linux 18.04 18.04.x
microsoft / windows_server_2008 r2-sp1 r2-sp1.x
microsoft / windows_server_2012 r2 r2.x
microsoft / windows_10 1607 1607.x
microsoft / windows_server_2008 --sp2 --sp2.x
microsoft / windows_7 --sp1 --sp1.x
microsoft / windows_10 1703 1703.x
microsoft / windows_10 1709 1709.x
microsoft / windows_server_2016 1709 1709.x
microsoft / windows_10 1803 1803.x
microsoft / windows_server_2016 1803 1803.x
f5 / big-ip_access_policy_manager 12.1.0 12.1.5
f5 / big-ip_access_policy_manager 14.0.0 14.0.1.1
f5 / big-ip_advanced_firewall_manager 14.0.0 14.0.1.1
f5 / big-ip_analytics 14.0.0 14.0.1.1
f5 / big-ip_application_acceleration_manager 14.0.0 14.0.1.1
f5 / big-ip_application_security_manager 14.0.0 14.0.1.1
f5 / big-ip_domain_name_system 14.0.0 14.0.1.1
f5 / big-ip_edge_gateway 14.0.0 14.0.1.1
f5 / big-ip_fraud_protection_service 14.0.0 14.0.1.1
f5 / big-ip_global_traffic_manager 14.0.0 14.0.1.1
f5 / big-ip_link_controller 14.0.0 14.0.1.1
f5 / big-ip_policy_enforcement_manager 14.0.0 14.0.1.1
f5 / big-ip_webaccelerator 14.0.0 14.0.1.1
f5 / big-ip_local_traffic_manager 14.0.0 14.0.1.1
f5 / big-ip_local_traffic_manager 14.1.0 14.1.2.4
f5 / big-ip_application_acceleration_manager 14.1.0 14.1.2.4
f5 / big-ip_advanced_firewall_manager 14.1.0 14.1.2.4
f5 / big-ip_access_policy_manager 14.1.0 14.1.2.4
f5 / big-ip_analytics 14.1.0 14.1.2.4
f5 / big-ip_application_security_manager 14.1.0 14.1.2.4
f5 / big-ip_domain_name_system 14.1.0 14.1.2.4
f5 / big-ip_fraud_protection_service 14.1.0 14.1.2.4
f5 / big-ip_global_traffic_manager 14.1.0 14.1.2.4
f5 / big-ip_link_controller 14.1.0 14.1.2.4
f5 / big-ip_policy_enforcement_manager 14.1.0 14.1.2.4
f5 / big-ip_webaccelerator 14.1.0 14.1.2.4
f5 / big-ip_edge_gateway 14.1.0 14.1.2.4
f5 / big-ip_webaccelerator 13.0.0 13.1.3
f5 / big-ip_webaccelerator 12.1.0 12.1.5
f5 / big-ip_webaccelerator 11.5.1 11.6.5.1
f5 / big-ip_policy_enforcement_manager 13.0.0 13.1.3
f5 / big-ip_policy_enforcement_manager 12.1.0 12.1.5
f5 / big-ip_policy_enforcement_manager 11.5.1 11.6.5.1
f5 / big-ip_link_controller 13.0.0 13.1.3
f5 / big-ip_link_controller 12.1.0 12.1.5
f5 / big-ip_link_controller 11.5.1 11.6.5.1
f5 / big-ip_global_traffic_manager 13.0.0 13.1.3
f5 / big-ip_global_traffic_manager 12.1.0 12.1.5
f5 / big-ip_global_traffic_manager 11.5.1 11.6.5.1
f5 / big-ip_fraud_protection_service 13.0.0 13.1.3
f5 / big-ip_fraud_protection_service 12.1.0 12.1.5
f5 / big-ip_fraud_protection_service 11.5.1 11.6.5.1
f5 / big-ip_edge_gateway 13.0.0 13.1.3
f5 / big-ip_edge_gateway 12.1.0 12.1.5
f5 / big-ip_edge_gateway 11.5.1 11.6.5.1
f5 / big-ip_domain_name_system 13.0.0 13.1.3
f5 / big-ip_domain_name_system 12.1.0 12.1.5
f5 / big-ip_domain_name_system 11.5.1 11.6.5.1
f5 / big-ip_access_policy_manager 13.0.0 13.1.3
f5 / big-ip_access_policy_manager 11.5.1 11.6.5.1
f5 / big-ip_advanced_firewall_manager 13.0.0 13.1.3
f5 / big-ip_advanced_firewall_manager 12.1.0 12.1.5
f5 / big-ip_advanced_firewall_manager 11.5.1 11.6.5.1
f5 / big-ip_analytics 13.0.0 13.1.3
f5 / big-ip_analytics 12.1.0 12.1.5
f5 / big-ip_analytics 11.5.1 11.6.5.1
f5 / big-ip_application_acceleration_manager 13.0.0 13.1.3
f5 / big-ip_application_acceleration_manager 12.1.0 12.1.5
f5 / big-ip_application_acceleration_manager 11.5.1 11.6.5.1
f5 / big-ip_application_security_manager 13.0.0 13.1.3
f5 / big-ip_application_security_manager 12.1.0 12.1.5
f5 / big-ip_application_security_manager 11.5.1 11.6.5.1
f5 / big-ip_local_traffic_manager 13.0.0 13.1.3
f5 / big-ip_local_traffic_manager 12.1.0 12.1.5
f5 / big-ip_local_traffic_manager 11.5.1 11.6.5.1
siemens / ruggedcom_rm1224_firmware - 6.1
siemens / ruggedcom_rox_ii_firmware - 2.13.3
siemens / scalance_m-800_firmware - 6.1
siemens / scalance_s615_firmware - 6.1
siemens / scalance_sc-600_firmware - 2.0
siemens / scalance_w1700_ieee_802.11ac_firmware - 2.0
siemens / scalance_w700_ieee_802.11a/b/g/n_firmware - 6.4
siemens / simatic_net_cp_1242-7_firmware - 3.2
siemens / simatic_net_cp_1243-1_firmware - 3.2
siemens / simatic_net_cp_1243-7_lte_eu_firmware - 3.2
siemens / simatic_net_cp_1243-7_lte_us_firmware - 3.2
siemens / simatic_net_cp_1243-8_irc_firmware - 3.2
siemens / simatic_net_cp_1542sp-1_firmware - 2.1
siemens / simatic_net_cp_1542sp-1_irc_firmware - 2.1
siemens / simatic_net_cp_1543-1_firmware - 2.2
siemens / simatic_net_cp_1543sp-1_firmware - 2.1
siemens / simatic_rf185c_firmware - 1.3
siemens / simatic_rf186c_firmware - 1.3
siemens / simatic_rf186ci_firmware - 1.3
siemens / simatic_rf188_firmware - 1.3
siemens / simatic_rf188ci_firmware - 1.3
siemens / sinema_remote_connect_server_firmware 1.1 2.0.1