The Linux kernel, versions 4.9+, is vulnerable to denial of service conditions with low rates of specially modified packets.
CVE IDs: CVE-2018-5390
Date Public: 23 Jul 2018
Date First Published: 06 Aug 2018
Date Last Updated: 06 Aug 2018
Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service. An attacker can induce a denial of service condition by sending specially modified packets within ongoing TCP sessions. Maintaining the denial of service condition requires continuous two-way TCP sessions to a reachable open port. Thus, the attacks cannot be performed using spoofed IP addresses.
A remote attacker may be able to trigger a denial-of-service condition against a system with an available open port.
Apply a patch: Patches for the Linux kernel are available to address the vulnerability.
Group: Base Score: 7.1 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C
Group: Temporal Score: 6.4 Vector: E:POC/RL:ND/RC:C
Group: Environmental Score: 6.4 Vector: CDP:ND/TD:H/CR:ND/IR:ND/AR:ND