The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in IP fragmentation have been discovered and fixed over the years. The current vulnerability (CVE-2018-5391) became exploitable in the Linux kernel with the increase of the IP fragment reassembly queue size.
AI analysis not yet available
Plain-English explanation, risk summary, and remediation steps will appear here once AI analysis is complete.
No Fix Known
No patch has been released yet. Apply workarounds or mitigations where available.
| Vendor | Product | Versions | Fixed In |
|---|---|---|---|
| linux | linux_kernel | 3.9 - 4.18 | - |
| redhat | enterprise_linux_desktop | - | - |
| redhat | enterprise_linux_desktop |
Published
CVE disclosed publicly
Last Modified
Most recent update
Indexed to CVEInsight
Added to this platform
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
130
Affected Products
70
References
linux / linux_kernel
| - |
| - |
| redhat | enterprise_linux_server | - | - |
| redhat | enterprise_linux_server | - | - |
| redhat | enterprise_linux_server_aus | - | - |
| redhat | enterprise_linux_server_aus | - | - |
| redhat | enterprise_linux_server_aus | - | - |
| redhat | enterprise_linux_server_aus | - | - |
| redhat | enterprise_linux_server_aus | - | - |
| redhat | enterprise_linux_server_aus | - | - |
| redhat | enterprise_linux_server_eus | - | - |
| redhat | enterprise_linux_server_eus | - | - |
| redhat | enterprise_linux_server_eus | - | - |
| redhat | enterprise_linux_server_eus | - | - |
| redhat | enterprise_linux_server_tus | - | - |
| redhat | enterprise_linux_server_tus | - | - |
| redhat | enterprise_linux_server_tus | - | - |
| redhat | enterprise_linux_server_tus | - | - |
| redhat | enterprise_linux_workstation | - | - |
| redhat | enterprise_linux_workstation | - | - |
| debian | debian_linux | - | - |
| debian | debian_linux | - | - |
| canonical | ubuntu_linux | - | - |
| canonical | ubuntu_linux | - | - |
| canonical | ubuntu_linux | - | - |
| canonical | ubuntu_linux | - | - |
| microsoft | windows_10 | - | - |
| microsoft | windows_10 | - | - |
| microsoft | windows_10 | - | - |
| microsoft | windows_10 | - | - |
| microsoft | windows_10 | - | - |
| microsoft | windows_7 | - | - |
| microsoft | windows_8.1 | - | - |
| microsoft | windows_rt_8.1 | - | - |
| microsoft | windows_server_2008 | - | - |
| microsoft | windows_server_2008 | - | - |
| microsoft | windows_server_2008 | - | - |
| microsoft | windows_server_2012 | - | - |
| microsoft | windows_server_2012 | - | - |
| microsoft | windows_server_2016 | - | - |
| microsoft | windows_server_2016 | - | - |
| microsoft | windows_server_2016 | - | - |
| f5 | big-ip_access_policy_manager | 11.5.1 - 11.6.5.1 | - |
| f5 | big-ip_access_policy_manager | 12.1.0 - 12.1.5 | - |
| f5 | big-ip_access_policy_manager | 13.0.0 - 13.1.3 | - |
| f5 | big-ip_access_policy_manager | 14.0.0 - 14.0.1.1 | - |
| f5 | big-ip_access_policy_manager | 14.1.0 - 14.1.2.4 | - |
| f5 | big-ip_advanced_firewall_manager | 11.5.1 - 11.6.5.1 | - |
| f5 | big-ip_advanced_firewall_manager | 12.1.0 - 12.1.5 | - |
| f5 | big-ip_advanced_firewall_manager | 13.0.0 - 13.1.3 | - |
| f5 | big-ip_advanced_firewall_manager | 14.0.0 - 14.0.1.1 | - |
| f5 | big-ip_advanced_firewall_manager | 14.1.0 - 14.1.2.4 | - |
| f5 | big-ip_analytics | 11.5.1 - 11.6.5.1 | - |
| f5 | big-ip_analytics | 12.1.0 - 12.1.5 | - |
| f5 | big-ip_analytics | 13.0.0 - 13.1.3 | - |
| f5 | big-ip_analytics | 14.0.0 - 14.0.1.1 | - |
| f5 | big-ip_analytics | 14.1.0 - 14.1.2.4 | - |
| f5 | big-ip_application_acceleration_manager | 11.5.1 - 11.6.5.1 | - |
| f5 | big-ip_application_acceleration_manager | 12.1.0 - 12.1.5 | - |
| f5 | big-ip_application_acceleration_manager | 13.0.0 - 13.1.3 | - |
| f5 | big-ip_application_acceleration_manager | 14.0.0 - 14.0.1.1 | - |
| f5 | big-ip_application_acceleration_manager | 14.1.0 - 14.1.2.4 | - |
| f5 | big-ip_application_security_manager | 11.5.1 - 11.6.5.1 | - |
| f5 | big-ip_application_security_manager | 12.1.0 - 12.1.5 | - |
| f5 | big-ip_application_security_manager | 13.0.0 - 13.1.3 | - |
| f5 | big-ip_application_security_manager | 14.0.0 - 14.0.1.1 | - |
| f5 | big-ip_application_security_manager | 14.1.0 - 14.1.2.4 | - |
| f5 | big-ip_domain_name_system | 11.5.1 - 11.6.5.1 | - |
| f5 | big-ip_domain_name_system | 12.1.0 - 12.1.5 | - |
| f5 | big-ip_domain_name_system | 13.0.0 - 13.1.3 | - |
| f5 | big-ip_domain_name_system | 14.0.0 - 14.0.1.1 | - |
| f5 | big-ip_domain_name_system | 14.1.0 - 14.1.2.4 | - |
| f5 | big-ip_edge_gateway | 11.5.1 - 11.6.5.1 | - |
| f5 | big-ip_edge_gateway | 12.1.0 - 12.1.5 | - |
| f5 | big-ip_edge_gateway | 13.0.0 - 13.1.3 | - |
| f5 | big-ip_edge_gateway | 14.0.0 - 14.0.1.1 | - |
| f5 | big-ip_edge_gateway | 14.1.0 - 14.1.2.4 | - |
| f5 | big-ip_fraud_protection_service | 11.5.1 - 11.6.5.1 | - |
| f5 | big-ip_fraud_protection_service | 12.1.0 - 12.1.5 | - |
| f5 | big-ip_fraud_protection_service | 13.0.0 - 13.1.3 | - |
| f5 | big-ip_fraud_protection_service | 14.0.0 - 14.0.1.1 | - |
| f5 | big-ip_fraud_protection_service | 14.1.0 - 14.1.2.4 | - |
| f5 | big-ip_global_traffic_manager | 11.5.1 - 11.6.5.1 | - |
| f5 | big-ip_global_traffic_manager | 12.1.0 - 12.1.5 | - |
| f5 | big-ip_global_traffic_manager | 13.0.0 - 13.1.3 | - |
| f5 | big-ip_global_traffic_manager | 14.0.0 - 14.0.1.1 | - |
| f5 | big-ip_global_traffic_manager | 14.1.0 - 14.1.2.4 | - |
| f5 | big-ip_link_controller | 11.5.1 - 11.6.5.1 | - |
| f5 | big-ip_link_controller | 12.1.0 - 12.1.5 | - |
| f5 | big-ip_link_controller | 13.0.0 - 13.1.3 | - |
| f5 | big-ip_link_controller | 14.0.0 - 14.0.1.1 | - |
| f5 | big-ip_link_controller | 14.1.0 - 14.1.2.4 | - |
| f5 | big-ip_local_traffic_manager | 11.5.1 - 11.6.5.1 | - |
| f5 | big-ip_local_traffic_manager | 12.1.0 - 12.1.5 | - |
| f5 | big-ip_local_traffic_manager | 13.0.0 - 13.1.3 | - |
| f5 | big-ip_local_traffic_manager | 14.0.0 - 14.0.1.1 | - |
| f5 | big-ip_local_traffic_manager | 14.1.0 - 14.1.2.4 | - |
| f5 | big-ip_policy_enforcement_manager | 11.5.1 - 11.6.5.1 | - |
| f5 | big-ip_policy_enforcement_manager | 12.1.0 - 12.1.5 | - |
| f5 | big-ip_policy_enforcement_manager | 13.0.0 - 13.1.3 | - |
| f5 | big-ip_policy_enforcement_manager | 14.0.0 - 14.0.1.1 | - |
| f5 | big-ip_policy_enforcement_manager | 14.1.0 - 14.1.2.4 | - |
| f5 | big-ip_webaccelerator | 11.5.1 - 11.6.5.1 | - |
| f5 | big-ip_webaccelerator | 12.1.0 - 12.1.5 | - |
| f5 | big-ip_webaccelerator | 13.0.0 - 13.1.3 | - |
| f5 | big-ip_webaccelerator | 14.0.0 - 14.0.1.1 | - |
| f5 | big-ip_webaccelerator | 14.1.0 - 14.1.2.4 | - |
| siemens | ruggedcom_rm1224_firmware | 6.1 | - |
| siemens | ruggedcom_rox_ii_firmware | 2.13.3 | - |
| siemens | scalance_m-800_firmware | 6.1 | - |
| siemens | scalance_s615_firmware | 6.1 | - |
| siemens | scalance_sc-600_firmware | 2.0 | - |
| siemens | scalance_w1700_ieee_802.11ac_firmware | 2.0 | - |
| siemens | scalance_w700_ieee_802.11a\/b\/g\/n_firmware | 6.4 | - |
| siemens | simatic_net_cp_1242-7_firmware | 3.2 | - |
| siemens | simatic_net_cp_1243-1_firmware | 3.2 | - |
| siemens | simatic_net_cp_1243-7_lte_eu_firmware | 3.2 | - |
| siemens | simatic_net_cp_1243-7_lte_us_firmware | 3.2 | - |
| siemens | simatic_net_cp_1243-8_irc_firmware | 3.2 | - |
| siemens | simatic_net_cp_1542sp-1_firmware | 2.1 | - |
| siemens | simatic_net_cp_1542sp-1_irc_firmware | 2.1 | - |
| siemens | simatic_net_cp_1543-1_firmware | 2.2 | - |
| siemens | simatic_net_cp_1543sp-1_firmware | 2.1 | - |
| siemens | simatic_rf185c_firmware | 1.3 | - |
| siemens | simatic_rf186c_firmware | 1.3 | - |
| siemens | simatic_rf186ci_firmware | 1.3 | - |
| siemens | simatic_rf188_firmware | 1.3 | - |
| siemens | simatic_rf188ci_firmware | 1.3 | - |
| siemens | sinema_remote_connect_server_firmware | 1.1 - 2.0.1 | - |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability
Impact