[VU:962459] TCP implementations vulnerable to Denial of Service
Severity
High
CVEs
2
Overview
The Linux kernel versions 4.9+ and supported versions of FreeBSD are vulnerable to denial of service conditions with low rates of specially modified packets.
Impact
An remote attacker may be able to trigger a denial-of-service condition against a system with an available open port.
Solution
Apply a patch
Patches for the Linux kernel are available to address the vulnerability. Patches for FreeBSD are available to address the vulnerability.
Acknowledgements
Thanks to Juha-Matti Tilli(Aalto University,Department of Communications and Networking/Nokia Bell Labs)for reporting these vulnerabilities.
- ID
- VU:962459
- Severity
- high
- Severity from
- CVE-2018-5390
- URL
- https://kb.cert.org/vuls/id/962459
- Published
-
2018-08-06T17:11:53
(6 years ago) - Modified
-
2018-09-14T19:29:12
(6 years ago) - Rights
- Copyright 2018, CERT Coordination Center (CERT/CC)
- Other Advisories
-
- ALAS-2018-1049
- ALAS2-2018-1050
- ASA-201808-4
- ASA-201808-5
- ASA-201808-6
- ASA-201808-7
- CISCO-SA-20180824-LINUX-TCP
- DSA-4266-1
- ELSA-2018-2384
- ELSA-2018-2390
- ELSA-2018-4189
- ELSA-2018-4190
- ELSA-2018-4216
- FREEBSD:3C2EEA8C-99BF-11E8-8BEE-A4BADB2F4699
- RHSA-2018:2384
- RHSA-2018:2390
- RHSA-2018:2395
- SUSE-SU-2018:2222-1
- SUSE-SU-2018:2223-1
- SUSE-SU-2018:2328-1
- SUSE-SU-2018:2344-1
- SUSE-SU-2018:2344-2
- SUSE-SU-2018:2374-1
- SUSE-SU-2018:2472-1
- SUSE-SU-2018:2474-1
- SUSE-SU-2018:2596-1
- SUSE-SU-2018:2787-1
- SUSE-SU-2018:2860-1
- SUSE-SU-2018:2864-1
- SUSE-SU-2018:2960-1
- SUSE-SU-2018:2961-1
- SUSE-SU-2018:2962-1
- SUSE-SU-2018:2963-1
- SUSE-SU-2018:3029-1
- SUSE-SU-2018:3172-1
- SUSE-SU-2018:3265-1
- SUSE-SU-2018:3328-1
- SUSE-SU-2018:3470-1
- SUSE-SU-2018:3789-1
- SUSE-SU-2019:0955-1
- SUSE-SU-2019:1425-1
- SUSE-SU-2019:1767-1
- SUSE-SU-2019:1870-1
- SUSE-SU-2019:2230-1
- SUSE-SU-2019:2601-1
- SUSE-SU-2019:2821-1
- USN-3732-1
- USN-3732-2
- USN-3741-1
- USN-3741-2
- USN-3742-1
- USN-3742-2
- USN-3763-1
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |