CVE-2018-5391

Published: 14 August 2018

The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in IP fragmentation have been discovered and fixed over the years. The current vulnerability (CVE-2018-5391) became exploitable in the Linux kernel with the increase of the IP fragment reassembly queue size.

From the Ubuntu security team

Juha-Matti Tilli discovered that the IP implementation in the Linux kernel performed algorithmically expensive operations in some situations when handling incoming packet fragments. A remote attacker could use this to cause a denial of service.

Priority

CVSS 3 base score: 7.5

Status

Package	Release	Status
linux Launchpad, Ubuntu, Debian	Upstream	Released (4.19~rc4)



	Ubuntu 18.04 LTS (Bionic Beaver)	Released (4.15.0-32.35)
	Ubuntu 16.04 LTS (Xenial Xerus)	Released (4.4.0-133.159)
	Ubuntu 14.04 ESM (Trusty Tahr)	Released (3.13.0-155.205)
	Patches: Introduced by c2a936600f78aea00d3312ea4b66a79a4619f9b4 Fixed by 7969e5c40dfd04799d4341f1b7cd266b6e47f227\|local-2018-5391-fix Introduced by c2a936600f78aea00d3312ea4b66a79a4619f9b4 Fixed by 385114dec8a49b5e5945e77ba7de6356106713f4\|local-2018-5391-fix Introduced by c2a936600f78aea00d3312ea4b66a79a4619f9b4 Fixed by fa0f527358bd900ef92f925878ed6bfbd51305cc\|local-2018-5391-fix Introduced by c2a936600f78aea00d3312ea4b66a79a4619f9b4 Fixed by 70837ffe3085c9a91488b52ca13ac84424da1042\|local-2018-5391-fix Introduced by c2a936600f78aea00d3312ea4b66a79a4619f9b4 Fixed by 5d407b071dc369c26a38398326ee2be53651cfe4\|local-2018-5391-fix
linux-aws Launchpad, Ubuntu, Debian	Upstream	Released (4.19~rc4)



	Ubuntu 18.04 LTS (Bionic Beaver)	Released (4.15.0-1019.19)
	Ubuntu 16.04 LTS (Xenial Xerus)	Released (4.4.0-1065.75)
	Ubuntu 14.04 ESM (Trusty Tahr)	Released (4.4.0-1027.30)
linux-azure Launchpad, Ubuntu, Debian	Upstream	Released (4.19~rc4)



	Ubuntu 18.04 LTS (Bionic Beaver)	Released (4.15.0-1021.21)
	Ubuntu 16.04 LTS (Xenial Xerus)	Released (4.15.0-1021.21~16.04.1)
	Ubuntu 14.04 ESM (Trusty Tahr)	Not vulnerable (4.15.0-1023.24~14.04.1)
linux-azure-edge Launchpad, Ubuntu, Debian	Upstream	Released (4.19~rc4)



	Ubuntu 18.04 LTS (Bionic Beaver)	Not vulnerable (4.18.0-1004.4~18.04.1)
	Ubuntu 16.04 LTS (Xenial Xerus)	Released (4.15.0-1021.21)
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
linux-euclid Launchpad, Ubuntu, Debian	Upstream	Released (4.19~rc4)



	Ubuntu 18.04 LTS (Bionic Beaver)	Does not exist
	Ubuntu 16.04 LTS (Xenial Xerus)	Released (4.4.0-9029.31)
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
linux-flo Launchpad, Ubuntu, Debian	Upstream	Released (4.19~rc4)



	Ubuntu 18.04 LTS (Bionic Beaver)	Does not exist
	Ubuntu 16.04 LTS (Xenial Xerus)	Ignored (abandoned)
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist (trusty was ignored [abandoned])
linux-gcp Launchpad, Ubuntu, Debian	Upstream	Released (4.19~rc4)



	Ubuntu 18.04 LTS (Bionic Beaver)	Released (4.15.0-1017.18)
	Ubuntu 16.04 LTS (Xenial Xerus)	Released (4.15.0-1017.18~16.04.1)
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
linux-gke Launchpad, Ubuntu, Debian	Upstream	Released (4.19~rc4)



	Ubuntu 18.04 LTS (Bionic Beaver)	Does not exist
	Ubuntu 16.04 LTS (Xenial Xerus)	Ignored (end-of-life)
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
linux-goldfish Launchpad, Ubuntu, Debian	Upstream	Released (4.19~rc4)



	Ubuntu 18.04 LTS (Bionic Beaver)	Does not exist
	Ubuntu 16.04 LTS (Xenial Xerus)	Ignored (end-of-life)
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist (trusty was ignored [abandoned])
linux-grouper Launchpad, Ubuntu, Debian	Upstream	Released (4.19~rc4)



	Ubuntu 18.04 LTS (Bionic Beaver)	Does not exist
	Ubuntu 16.04 LTS (Xenial Xerus)	Does not exist
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist (trusty was ignored [abandoned])
linux-hwe Launchpad, Ubuntu, Debian	Upstream	Released (4.19~rc4)



	Ubuntu 18.04 LTS (Bionic Beaver)	Not vulnerable
	Ubuntu 16.04 LTS (Xenial Xerus)	Released (4.15.0-32.35~16.04.1)
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
linux-hwe-edge Launchpad, Ubuntu, Debian	Upstream	Released (4.19~rc4)



	Ubuntu 18.04 LTS (Bionic Beaver)	Not vulnerable (4.18.0-11.12~18.04.1)
	Ubuntu 16.04 LTS (Xenial Xerus)	Released (4.15.0-32.35~16.04.1)
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
linux-kvm Launchpad, Ubuntu, Debian	Upstream	Released (4.19~rc4)



	Ubuntu 18.04 LTS (Bionic Beaver)	Released (4.15.0-1019.19)
	Ubuntu 16.04 LTS (Xenial Xerus)	Released (4.4.0-1031.37)
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
linux-lts-trusty Launchpad, Ubuntu, Debian	Upstream	Released (4.19~rc4)



	Ubuntu 18.04 LTS (Bionic Beaver)	Does not exist
	Ubuntu 16.04 LTS (Xenial Xerus)	Does not exist
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
linux-lts-utopic Launchpad, Ubuntu, Debian	Upstream	Released (4.19~rc4)



	Ubuntu 18.04 LTS (Bionic Beaver)	Does not exist
	Ubuntu 16.04 LTS (Xenial Xerus)	Does not exist
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist (trusty was ignored [out of standard support])
linux-lts-vivid Launchpad, Ubuntu, Debian	Upstream	Released (4.19~rc4)



	Ubuntu 18.04 LTS (Bionic Beaver)	Does not exist
	Ubuntu 16.04 LTS (Xenial Xerus)	Does not exist
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist (trusty was ignored [out of standard support])
linux-lts-wily Launchpad, Ubuntu, Debian	Upstream	Released (4.19~rc4)



	Ubuntu 18.04 LTS (Bionic Beaver)	Does not exist
	Ubuntu 16.04 LTS (Xenial Xerus)	Does not exist
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist (trusty was ignored [out of standard support])
linux-lts-xenial Launchpad, Ubuntu, Debian	Upstream	Released (4.19~rc4)



	Ubuntu 18.04 LTS (Bionic Beaver)	Does not exist
	Ubuntu 16.04 LTS (Xenial Xerus)	Does not exist
	Ubuntu 14.04 ESM (Trusty Tahr)	Released (4.4.0-133.159~14.04.1)
linux-maguro Launchpad, Ubuntu, Debian	Upstream	Released (4.19~rc4)



	Ubuntu 18.04 LTS (Bionic Beaver)	Does not exist
	Ubuntu 16.04 LTS (Xenial Xerus)	Does not exist
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist (trusty was ignored [abandoned])
linux-mako Launchpad, Ubuntu, Debian	Upstream	Released (4.19~rc4)



	Ubuntu 18.04 LTS (Bionic Beaver)	Does not exist
	Ubuntu 16.04 LTS (Xenial Xerus)	Ignored (abandoned)
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist (trusty was ignored [abandoned])
linux-manta Launchpad, Ubuntu, Debian	Upstream	Released (4.19~rc4)



	Ubuntu 18.04 LTS (Bionic Beaver)	Does not exist
	Ubuntu 16.04 LTS (Xenial Xerus)	Does not exist
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist (trusty was ignored [abandoned])
linux-oem Launchpad, Ubuntu, Debian	Upstream	Released (4.19~rc4)



	Ubuntu 18.04 LTS (Bionic Beaver)	Released (4.15.0-1015.18)
	Ubuntu 16.04 LTS (Xenial Xerus)	Ignored (was needs-triage now end-of-life)
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
linux-raspi2 Launchpad, Ubuntu, Debian	Upstream	Released (4.19~rc4)



	Ubuntu 18.04 LTS (Bionic Beaver)	Released (4.15.0-1020.22)
	Ubuntu 16.04 LTS (Xenial Xerus)	Released (4.4.0-1094.102)
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
linux-snapdragon Launchpad, Ubuntu, Debian	Upstream	Released (4.19~rc4)



	Ubuntu 18.04 LTS (Bionic Beaver)	Not vulnerable
	Ubuntu 16.04 LTS (Xenial Xerus)	Released (4.4.0-1098.103)
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist

Notes

Author	Note
tyhicks	CERT recommends reverting c2a936600f78aea00d3312ea4b66a79a4619f9b4

References

Join the discussion

Canonical is offering Extended Security Maintenance

Canonical is offering Ubuntu 14.04 Extended Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM