1. Home
  2. Vulnerabilities
  3. CVE-2018-5390

CVE-2018-5390

CVSS v3.1 7.5 (High)
75% Progress
CVSS v2.0 7.8 (High)
78% Progress
EPSS 78.30 % (98th)
78.30% Progress
Affected Products 40
Advisories 53
Info CVSS EPSS CAPEC Affected Configurations References Security Advisories Packages & Software OVAL Tools, Exploits & PoC Graph Web & Social Timeline

Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service.

Weaknesses
CWE-400
Uncontrolled Resource Consumption
CVE Status
PUBLISHED
CNA
CERT/CC
Published Date
2018-08-06 20:29:01
(6 years ago)
Updated Date
2023-11-07 02:58:42
(10 months ago)

Affected Products

A10networks

Canonical

Cisco

Debian

F5

Hp

Linux

Redhat

Configuration #1

    CPE23 From Up To
  Redhat Virtualization 4.0 cpe:2.3:a:redhat:virtualization:4.0
  Redhat Enterprise Linux Desktop 7.0 cpe:2.3:o:redhat:enterprise_linux_desktop:7.0
  Redhat Enterprise Linux Server 7.0 cpe:2.3:o:redhat:enterprise_linux_server:7.0
  Redhat Enterprise Linux Server Aus 6.4 cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4
  Redhat Enterprise Linux Server Aus 6.5 cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5
  Redhat Enterprise Linux Server Aus 6.6 cpe:2.3:o:redhat:enterprise_linux_server_aus:6.6
  Redhat Enterprise Linux Server Aus 7.2 cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2
  Redhat Enterprise Linux Server Aus 7.3 cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3
  Redhat Enterprise Linux Server Aus 7.4 cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4
  Redhat Enterprise Linux Server Eus 6.4 cpe:2.3:o:redhat:enterprise_linux_server_eus:6.4
  Redhat Enterprise Linux Server Eus 6.7 cpe:2.3:o:redhat:enterprise_linux_server_eus:6.7
  Redhat Enterprise Linux Server Eus 7.2 cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2
  Redhat Enterprise Linux Server Eus 7.3 cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3
  Redhat Enterprise Linux Server Eus 7.4 cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4
  Redhat Enterprise Linux Server Eus 7.5 cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5
  Redhat Enterprise Linux Server Tus 6.6 cpe:2.3:o:redhat:enterprise_linux_server_tus:6.6
  Redhat Enterprise Linux Server Tus 7.2 cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2
  Redhat Enterprise Linux Server Tus 7.3 cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3
  Redhat Enterprise Linux Server Tus 7.4 cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4
  Redhat Enterprise Linux Workstation 7.0 cpe:2.3:o:redhat:enterprise_linux_workstation:7.0

Configuration #2

    CPE23 From Up To
  Linux Kernel from 4.9 version and prior 4.18 version cpe:2.3:o:linux:linux_kernel >= 4.9 < 4.18
  Linux Kernel 4.18 Rc1 cpe:2.3:o:linux:linux_kernel:4.18:rc1
  Linux Kernel 4.18 Rc2 cpe:2.3:o:linux:linux_kernel:4.18:rc2
  Linux Kernel 4.18 Rc3 cpe:2.3:o:linux:linux_kernel:4.18:rc3
  Linux Kernel 4.18 Rc4 cpe:2.3:o:linux:linux_kernel:4.18:rc4
  Linux Kernel 4.18 Rc5 cpe:2.3:o:linux:linux_kernel:4.18:rc5
  Linux Kernel 4.18 Rc6 cpe:2.3:o:linux:linux_kernel:4.18:rc6

Configuration #3

    CPE23 From Up To
  Canonical Ubuntu Linux 12.04 cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm
  Canonical Ubuntu Linux 14.04 cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts
  Canonical Ubuntu Linux 16.04 cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts
  Canonical Ubuntu Linux 18.04 cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts

Configuration #4

    CPE23 From Up To
  Debian Linux 8.0 cpe:2.3:o:debian:debian_linux:8.0
  Debian Linux 9.0 cpe:2.3:o:debian:debian_linux:9.0

Configuration #5

    CPE23 From Up To
  Hp Aruba Airwave Amp prior 8.2.7.1 version cpe:2.3:a:hp:aruba_airwave_amp < 8.2.7.1
  Hp Aruba Clearpass Policy Manager from 6.6.0 version and 6.6.9 and prior versions cpe:2.3:a:hp:aruba_clearpass_policy_manager >= 6.6.0 <= 6.6.9
  Hp Aruba Clearpass Policy Manager from 6.7.0 version and 6.7.5 and prior versions cpe:2.3:a:hp:aruba_clearpass_policy_manager >= 6.7.0 <= 6.7.5

Configuration #6

    CPE23 From Up To
  F5 Big-ip Access Policy Manager from 11.5.1 version and 11.6.3 and prior versions cpe:2.3:a:f5:big-ip_access_policy_manager >= 11.5.1 <= 11.6.3
  F5 Big-ip Access Policy Manager from 12.1.0 version and 12.1.3 and prior versions cpe:2.3:a:f5:big-ip_access_policy_manager >= 12.1.0 <= 12.1.3
  F5 Big-ip Access Policy Manager from 13.0.0 version and 13.1.1 and prior versions cpe:2.3:a:f5:big-ip_access_policy_manager >= 13.0.0 <= 13.1.1
  F5 Big-ip Access Policy Manager 14.0.0 cpe:2.3:a:f5:big-ip_access_policy_manager:14.0.0
  F5 Big-ip Advanced Firewall Manager from 11.5.1 version and 11.6.3 and prior versions cpe:2.3:a:f5:big-ip_advanced_firewall_manager >= 11.5.1 <= 11.6.3
  F5 Big-ip Advanced Firewall Manager from 12.1.0 version and 12.1.3 and prior versions cpe:2.3:a:f5:big-ip_advanced_firewall_manager >= 12.1.0 <= 12.1.3
  F5 Big-ip Advanced Firewall Manager from 13.0.0 version and 13.1.1 and prior versions cpe:2.3:a:f5:big-ip_advanced_firewall_manager >= 13.0.0 <= 13.1.1
  F5 Big-ip Advanced Firewall Manager 14.0.0 cpe:2.3:a:f5:big-ip_advanced_firewall_manager:14.0.0
  F5 Big-ip Analytics from 11.5.1 version and 11.6.3 and prior versions cpe:2.3:a:f5:big-ip_analytics >= 11.5.1 <= 11.6.3
  F5 Big-ip Analytics from 12.1.0 version and 12.1.3 and prior versions cpe:2.3:a:f5:big-ip_analytics >= 12.1.0 <= 12.1.3
  F5 Big-ip Analytics from 13.0.0 version and 13.1.1 and prior versions cpe:2.3:a:f5:big-ip_analytics >= 13.0.0 <= 13.1.1
  F5 Big-ip Analytics 14.0.0 cpe:2.3:a:f5:big-ip_analytics:14.0.0
  F5 Big-ip Application Acceleration Manager from 11.5.1 version and 11.6.3 and prior versions cpe:2.3:a:f5:big-ip_application_acceleration_manager >= 11.5.1 <= 11.6.3
  F5 Big-ip Application Acceleration Manager from 12.1.0 version and 12.1.3 and prior versions cpe:2.3:a:f5:big-ip_application_acceleration_manager >= 12.1.0 <= 12.1.3
  F5 Big-ip Application Acceleration Manager from 13.0.0 version and 13.1.1 and prior versions cpe:2.3:a:f5:big-ip_application_acceleration_manager >= 13.0.0 <= 13.1.1
  F5 Big-ip Application Acceleration Manager 14.0.0 cpe:2.3:a:f5:big-ip_application_acceleration_manager:14.0.0
  F5 Big-ip Application Security Manager from 11.5.1 version and 11.6.3 and prior versions cpe:2.3:a:f5:big-ip_application_security_manager >= 11.5.1 <= 11.6.3
  F5 Big-ip Application Security Manager from 12.1.0 version and 12.1.3 and prior versions cpe:2.3:a:f5:big-ip_application_security_manager >= 12.1.0 <= 12.1.3
  F5 Big-ip Application Security Manager from 13.0.0 version and 13.1.1 and prior versions cpe:2.3:a:f5:big-ip_application_security_manager >= 13.0.0 <= 13.1.1
  F5 Big-ip Application Security Manager 14.0.0 cpe:2.3:a:f5:big-ip_application_security_manager:14.0.0
  F5 Big-ip Domain Name System from 11.5.1 version and 11.6.3 and prior versions cpe:2.3:a:f5:big-ip_domain_name_system >= 11.5.1 <= 11.6.3
  F5 Big-ip Domain Name System from 12.1.0 version and 12.1.3 and prior versions cpe:2.3:a:f5:big-ip_domain_name_system >= 12.1.0 <= 12.1.3
  F5 Big-ip Domain Name System from 13.0.0 version and 13.1.1 and prior versions cpe:2.3:a:f5:big-ip_domain_name_system >= 13.0.0 <= 13.1.1
  F5 Big-ip Domain Name System 14.0.0 cpe:2.3:a:f5:big-ip_domain_name_system:14.0.0
  F5 Big-ip Edge Gateway from 11.5.1. version and 11.6.3 and prior versions cpe:2.3:a:f5:big-ip_edge_gateway >= 11.5.1. <= 11.6.3
  F5 Big-ip Edge Gateway from 12.1.0 version and 12.1.3 and prior versions cpe:2.3:a:f5:big-ip_edge_gateway >= 12.1.0 <= 12.1.3
  F5 Big-ip Edge Gateway from 13.0.0 version and 13.1.1 and prior versions cpe:2.3:a:f5:big-ip_edge_gateway >= 13.0.0 <= 13.1.1
  F5 Big-ip Edge Gateway 14.0.0 cpe:2.3:a:f5:big-ip_edge_gateway:14.0.0
  F5 Big-ip Fraud Protection Service from 11.5.1 version and 11.6.3 and prior versions cpe:2.3:a:f5:big-ip_fraud_protection_service >= 11.5.1 <= 11.6.3
  F5 Big-ip Fraud Protection Service from 12.1.0 version and 12.1.3 and prior versions cpe:2.3:a:f5:big-ip_fraud_protection_service >= 12.1.0 <= 12.1.3
  F5 Big-ip Fraud Protection Service from 13.0.0 version and 13.1.1 and prior versions cpe:2.3:a:f5:big-ip_fraud_protection_service >= 13.0.0 <= 13.1.1
  F5 Big-ip Fraud Protection Service 14.0.0 cpe:2.3:a:f5:big-ip_fraud_protection_service:14.0.0
  F5 Big-ip Global Traffic Manager from 11.5.1 version and 11.6.3 and prior versions cpe:2.3:a:f5:big-ip_global_traffic_manager >= 11.5.1 <= 11.6.3
  F5 Big-ip Global Traffic Manager from 12.1.0 version and 12.1.3 and prior versions cpe:2.3:a:f5:big-ip_global_traffic_manager >= 12.1.0 <= 12.1.3
  F5 Big-ip Global Traffic Manager from 13.0.0 version and 13.1.1 and prior versions cpe:2.3:a:f5:big-ip_global_traffic_manager >= 13.0.0 <= 13.1.1
  F5 Big-ip Global Traffic Manager 14.0.0 cpe:2.3:a:f5:big-ip_global_traffic_manager:14.0.0
  F5 Big-ip Link Controller from 11.5.1 version and 11.6.3 and prior versions cpe:2.3:a:f5:big-ip_link_controller >= 11.5.1 <= 11.6.3
  F5 Big-ip Link Controller from 12.1.0 version and 12.1.3 and prior versions cpe:2.3:a:f5:big-ip_link_controller >= 12.1.0 <= 12.1.3
  F5 Big-ip Link Controller from 13.0.0 version and 13.1.1 and prior versions cpe:2.3:a:f5:big-ip_link_controller >= 13.0.0 <= 13.1.1
  F5 Big-ip Link Controller 14.0.0 cpe:2.3:a:f5:big-ip_link_controller:14.0.0
  F5 Big-ip Local Traffic Manager from 11.5.1 version and 11.6.3 and prior versions cpe:2.3:a:f5:big-ip_local_traffic_manager >= 11.5.1 <= 11.6.3
  F5 Big-ip Local Traffic Manager from 12.0.0 version and 12.1.3 and prior versions cpe:2.3:a:f5:big-ip_local_traffic_manager >= 12.0.0 <= 12.1.3
  F5 Big-ip Local Traffic Manager above 13.0.0 version and 13.1.1 and prior versions cpe:2.3:a:f5:big-ip_local_traffic_manager > 13.0.0 <= 13.1.1
  F5 Big-ip Local Traffic Manager 14.0.0 cpe:2.3:a:f5:big-ip_local_traffic_manager:14.0.0
  F5 Big-ip Policy Enforcement Manager from 11.5.1 version and 11.6.3 and prior versions cpe:2.3:a:f5:big-ip_policy_enforcement_manager >= 11.5.1 <= 11.6.3
  F5 Big-ip Policy Enforcement Manager from 12.1.0 version and 12.1.3 and prior versions cpe:2.3:a:f5:big-ip_policy_enforcement_manager >= 12.1.0 <= 12.1.3
  F5 Big-ip Policy Enforcement Manager from 13.0.0 version and 13.1.1 and prior versions cpe:2.3:a:f5:big-ip_policy_enforcement_manager >= 13.0.0 <= 13.1.1
  F5 Big-ip Policy Enforcement Manager 14.0.0 cpe:2.3:a:f5:big-ip_policy_enforcement_manager:14.0.0
  F5 Big-ip Webaccelerator from 11.5.1 version and 11.6.3 and prior versions cpe:2.3:a:f5:big-ip_webaccelerator >= 11.5.1 <= 11.6.3
  F5 Big-ip Webaccelerator from 12.1.0 version and 12.1.3 and prior versions cpe:2.3:a:f5:big-ip_webaccelerator >= 12.1.0 <= 12.1.3
  F5 Big-ip Webaccelerator from 13.0.0 version and 13.1.1 and prior versions cpe:2.3:a:f5:big-ip_webaccelerator >= 13.0.0 <= 13.1.1
  F5 Big-ip Webaccelerator 14.0.0 cpe:2.3:a:f5:big-ip_webaccelerator:14.0.0
  F5 Traffix Systems Signaling Delivery Controller from 5.0.0 version and 5.1.0 and prior versions cpe:2.3:a:f5:traffix_systems_signaling_delivery_controller >= 5.0.0 <= 5.1.0
  F5 Traffix Systems Signaling Delivery Controller 4.4.0 cpe:2.3:a:f5:traffix_systems_signaling_delivery_controller:4.4.0

Configuration #7

    CPE23 From Up To
  A10networks Advanced Core Operating System 3.2.2 cpe:2.3:o:a10networks:advanced_core_operating_system:3.2.2
  A10networks Advanced Core Operating System 3.2.2 P5 cpe:2.3:o:a10networks:advanced_core_operating_system:3.2.2:p5
  A10networks Advanced Core Operating System 4.1.0 cpe:2.3:o:a10networks:advanced_core_operating_system:4.1.0
  A10networks Advanced Core Operating System 4.1.0 P11 cpe:2.3:o:a10networks:advanced_core_operating_system:4.1.0:p11
  A10networks Advanced Core Operating System 4.1.1 P8 cpe:2.3:o:a10networks:advanced_core_operating_system:4.1.1:p8
  A10networks Advanced Core Operating System 4.1.2 cpe:2.3:o:a10networks:advanced_core_operating_system:4.1.2
  A10networks Advanced Core Operating System 4.1.2 P4 cpe:2.3:o:a10networks:advanced_core_operating_system:4.1.2:p4
  A10networks Advanced Core Operating System 4.1.4 cpe:2.3:o:a10networks:advanced_core_operating_system:4.1.4
  A10networks Advanced Core Operating System 4.1.4 P1 cpe:2.3:o:a10networks:advanced_core_operating_system:4.1.4:p1

Configuration #8

    CPE23 From Up To
  Cisco Collaboration Meeting Rooms 1.0 cpe:2.3:a:cisco:collaboration_meeting_rooms:1.0
  Cisco Digital Network Architecture Center 1.2 cpe:2.3:a:cisco:digital_network_architecture_center:1.2
  Cisco Expressway X8.10 cpe:2.3:a:cisco:expressway:x8.10
  Cisco Expressway X8.10.1 cpe:2.3:a:cisco:expressway:x8.10.1
  Cisco Expressway X8.10.2 cpe:2.3:a:cisco:expressway:x8.10.2
  Cisco Expressway X8.10.3 cpe:2.3:a:cisco:expressway:x8.10.3
  Cisco Expressway X8.10.4 cpe:2.3:a:cisco:expressway:x8.10.4
  Cisco Expressway X8.11 cpe:2.3:a:cisco:expressway:x8.11
  Cisco Expressway Series cpe:2.3:a:cisco:expressway_series:-
  Cisco Meeting Management 1.0 cpe:2.3:a:cisco:meeting_management:1.0
  Cisco Meeting Management 1.0.1 cpe:2.3:a:cisco:meeting_management:1.0.1
  Cisco Network Assurance Engine 2.1(1a) cpe:2.3:a:cisco:network_assurance_engine:2.1\%281a\%29
  Cisco Threat Grid-cloud cpe:2.3:a:cisco:threat_grid-cloud:-
  Cisco Webex Hybrid Data Security cpe:2.3:a:cisco:webex_hybrid_data_security:-
  Cisco Webex Video Mesh cpe:2.3:a:cisco:webex_video_mesh:-

Configuration #9

AND
    CPE23 From Up To
OR  
  Cisco Telepresence Video Communication Server Firmware X8.10 cpe:2.3:o:cisco:telepresence_video_communication_server_firmware:x8.10
OR  
  Running on/with
  Cisco Telepresence Video Communication Server Firmware X8.10.1 cpe:2.3:o:cisco:telepresence_video_communication_server_firmware:x8.10.1
OR  
  Running on/with
  Cisco Telepresence Video Communication Server Firmware X8.10.2 cpe:2.3:o:cisco:telepresence_video_communication_server_firmware:x8.10.2
OR  
  Running on/with
  Cisco Telepresence Video Communication Server Firmware X8.10.3 cpe:2.3:o:cisco:telepresence_video_communication_server_firmware:x8.10.3
OR  
  Running on/with
  Cisco Telepresence Video Communication Server Firmware X8.10.4 cpe:2.3:o:cisco:telepresence_video_communication_server_firmware:x8.10.4
OR  
  Running on/with
  Cisco Telepresence Video Communication Server Firmware X8.11 cpe:2.3:o:cisco:telepresence_video_communication_server_firmware:x8.11
OR  
  Running on/with
  Cisco Telepresence Video Communication Server cpe:2.3:h:cisco:telepresence_video_communication_server:-

Configuration #10

AND
    CPE23 From Up To
OR  
  Cisco Telepresence Conductor Firmware Xc4.3 cpe:2.3:o:cisco:telepresence_conductor_firmware:xc4.3
OR  
  Running on/with
  Cisco Telepresence Conductor Firmware Xc4.3.1 cpe:2.3:o:cisco:telepresence_conductor_firmware:xc4.3.1
OR  
  Running on/with
  Cisco Telepresence Conductor Firmware Xc4.3.2 cpe:2.3:o:cisco:telepresence_conductor_firmware:xc4.3.2
OR  
  Running on/with
  Cisco Telepresence Conductor Firmware Xc4.3.3 cpe:2.3:o:cisco:telepresence_conductor_firmware:xc4.3.3
OR  
  Running on/with
  Cisco Telepresence Conductor Firmware Xc4.3.4 cpe:2.3:o:cisco:telepresence_conductor_firmware:xc4.3.4
OR  
  Running on/with
  Cisco Telepresence Conductor cpe:2.3:h:cisco:telepresence_conductor:-