Your submission was sent successfully! Close

CVE-2018-5391

Published: 14 August 2018

The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in IP fragmentation have been discovered and fixed over the years. The current vulnerability (CVE-2018-5391) became exploitable in the Linux kernel with the increase of the IP fragment reassembly queue size.

From the Ubuntu security team

Juha-Matti Tilli discovered that the IP implementation in the Linux kernel performed algorithmically expensive operations in some situations when handling incoming packet fragments. A remote attacker could use this to cause a denial of service.

Priority

High

CVSS 3 base score: 7.5

Status

Package Release Status
linux
Launchpad, Ubuntu, Debian
bionic
Released (4.15.0-32.35)
cosmic Not vulnerable
(4.18.0-9.10)
precise Not vulnerable
(3.0.0-12.20)
trusty
Released (3.13.0-155.205)
upstream
Released (4.19~rc4)
xenial
Released (4.4.0-133.159)
linux-aws
Launchpad, Ubuntu, Debian
bionic
Released (4.15.0-1019.19)
cosmic Not vulnerable
(4.15.0-1020.20)
precise Does not exist

trusty
Released (4.4.0-1027.30)
upstream
Released (4.19~rc4)
xenial
Released (4.4.0-1065.75)
linux-azure
Launchpad, Ubuntu, Debian
bionic
Released (4.15.0-1021.21)
cosmic Not vulnerable
(4.15.0-1023.24)
precise Does not exist

trusty Not vulnerable
(4.15.0-1023.24~14.04.1)
upstream
Released (4.19~rc4)
xenial
Released (4.15.0-1021.21~16.04.1)
linux-azure-edge
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(4.18.0-1004.4~18.04.1)
cosmic Does not exist

precise Does not exist

trusty Does not exist

upstream
Released (4.19~rc4)
xenial
Released (4.15.0-1021.21)
linux-euclid
Launchpad, Ubuntu, Debian
bionic Does not exist

cosmic Does not exist

precise Does not exist

trusty Does not exist

upstream
Released (4.19~rc4)
xenial
Released (4.4.0-9029.31)
linux-flo
Launchpad, Ubuntu, Debian
bionic Does not exist

cosmic Does not exist

precise Does not exist

trusty Does not exist
(trusty was ignored [abandoned])
upstream
Released (4.19~rc4)
xenial Ignored
(abandoned)
linux-gcp
Launchpad, Ubuntu, Debian
bionic
Released (4.15.0-1017.18)
cosmic Not vulnerable
(4.15.0-1018.19)
precise Does not exist

trusty Does not exist

upstream
Released (4.19~rc4)
xenial
Released (4.15.0-1017.18~16.04.1)
linux-gke
Launchpad, Ubuntu, Debian
bionic Does not exist

cosmic Does not exist

precise Does not exist

trusty Does not exist

upstream
Released (4.19~rc4)
xenial Ignored
(end-of-life)
linux-goldfish
Launchpad, Ubuntu, Debian
bionic Does not exist

cosmic Does not exist

precise Does not exist

trusty Does not exist
(trusty was ignored [abandoned])
upstream
Released (4.19~rc4)
xenial Ignored
(end-of-life)
linux-grouper
Launchpad, Ubuntu, Debian
bionic Does not exist

cosmic Does not exist

precise Does not exist

trusty Does not exist
(trusty was ignored [abandoned])
upstream
Released (4.19~rc4)
xenial Does not exist

linux-hwe
Launchpad, Ubuntu, Debian
bionic Not vulnerable

cosmic Does not exist

precise Does not exist

trusty Does not exist

upstream
Released (4.19~rc4)
xenial
Released (4.15.0-32.35~16.04.1)
linux-hwe-edge
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(4.18.0-11.12~18.04.1)
cosmic Does not exist

precise Does not exist

trusty Does not exist

upstream
Released (4.19~rc4)
xenial
Released (4.15.0-32.35~16.04.1)
linux-kvm
Launchpad, Ubuntu, Debian
bionic
Released (4.15.0-1019.19)
cosmic Not vulnerable
(4.18.0-1003.3)
precise Does not exist

trusty Does not exist

upstream
Released (4.19~rc4)
xenial
Released (4.4.0-1031.37)
linux-lts-trusty
Launchpad, Ubuntu, Debian
bionic Does not exist

cosmic Does not exist

precise
Released (3.13.0-155.206~precise1)
trusty Does not exist

upstream
Released (4.19~rc4)
xenial Does not exist

linux-lts-utopic
Launchpad, Ubuntu, Debian
bionic Does not exist

cosmic Does not exist

precise Does not exist

trusty Does not exist
(trusty was ignored [out of standard support])
upstream
Released (4.19~rc4)
xenial Does not exist

linux-lts-vivid
Launchpad, Ubuntu, Debian
bionic Does not exist

cosmic Does not exist

precise Does not exist

trusty Does not exist
(trusty was ignored [out of standard support])
upstream
Released (4.19~rc4)
xenial Does not exist

linux-lts-wily
Launchpad, Ubuntu, Debian
bionic Does not exist

cosmic Does not exist

precise Does not exist

trusty Does not exist
(trusty was ignored [out of standard support])
upstream
Released (4.19~rc4)
xenial Does not exist

linux-lts-xenial
Launchpad, Ubuntu, Debian
bionic Does not exist

cosmic Does not exist

precise Does not exist

trusty
Released (4.4.0-133.159~14.04.1)
upstream
Released (4.19~rc4)
xenial Does not exist

linux-maguro
Launchpad, Ubuntu, Debian
bionic Does not exist

cosmic Does not exist

precise Does not exist

trusty Does not exist
(trusty was ignored [abandoned])
upstream
Released (4.19~rc4)
xenial Does not exist

linux-mako
Launchpad, Ubuntu, Debian
bionic Does not exist

cosmic Does not exist

precise Does not exist

trusty Does not exist
(trusty was ignored [abandoned])
upstream
Released (4.19~rc4)
xenial Ignored
(abandoned)
linux-manta
Launchpad, Ubuntu, Debian
bionic Does not exist

cosmic Does not exist

precise Does not exist

trusty Does not exist
(trusty was ignored [abandoned])
upstream
Released (4.19~rc4)
xenial Does not exist

linux-oem
Launchpad, Ubuntu, Debian
bionic
Released (4.15.0-1015.18)
cosmic Not vulnerable
(4.15.0-1017.20)
precise Does not exist

trusty Does not exist

upstream
Released (4.19~rc4)
xenial Ignored
(was needs-triage now end-of-life)
linux-raspi2
Launchpad, Ubuntu, Debian
bionic
Released (4.15.0-1020.22)
cosmic Not vulnerable
(4.18.0-1005.7)
precise Does not exist

trusty Does not exist

upstream
Released (4.19~rc4)
xenial
Released (4.4.0-1094.102)
linux-snapdragon
Launchpad, Ubuntu, Debian
bionic Not vulnerable

cosmic Does not exist

precise Does not exist

trusty Does not exist

upstream
Released (4.19~rc4)
xenial
Released (4.4.0-1098.103)