Lucene search

K
huaweiHuawei TechnologiesHUAWEI-SA-20181031-02-LINUX
HistoryOct 31, 2018 - 12:00 a.m.

Security Advisory - SegmentSmack Vulnerability in Linux Kernel

2018-10-3100:00:00
Huawei Technologies
www.huawei.com
26

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.783

Percentile

98.3%

There is a DoS vulnerability in the Linux Kernel versions 4.9+ known as a SegmentSmack attack. Remote attackers may send TCP packets to Linux kernel to make it calls the very expensive functions tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() of the affected device which can lead to a denial of service. Maintaining the denial of service condition requires continuous two-way TCP sessions to a reachable open port. Thus, the attacks cannot be performed using spoofed IP addresses. (Vulnerability ID: HWPSIRT-2018-08114)

This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2018-5390.
Huawei has released software updates to fix this vulnerability. This advisory is available at the following link:
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181031-01-linux-en

Affected configurations

Vulners
Node
huaweialp-al00bRange<10.0.0.162
OR
huaweialp-al00bRange<9.0.0.125
OR
huaweialp-tl00bRange<10.0.0.162
OR
huaweialp-tl00bRange<9.0.0.125
OR
huaweianne-al00_firmwareRange<8.0.0.168
OR
huaweiares-tl00chwRange<8.2.0.163
OR
huaweiatomu-al00bRange<8.0.0.195
OR
huaweiatomu-al10bRange<8.0.0.195
OR
huaweiatomu-al20bRange<8.0.0.195
OR
huaweiatomu-al20indRange<8.0.0.156
OR
huaweiatomu-l29aRange<8.0.0.142
OR
huaweiatomu-l41Range<8.0.0.143
OR
huaweib525s-23aMatchb525s-23atcpu-v100r001b236d01sp00c00
OR
huaweibla-al00bRange<10.0.0.170
OR
huaweibla-al00bRange<9.0.0.125
OR
huaweibla-tl00bMatch8.0.0.113
OR
huaweibla-tl00bMatch8.0.0.113d
OR
huaweibla-tl00bMatch8.0.0.118
OR
huaweibla-tl00bMatch8.0.0.118d
OR
huaweibla-tl00bMatch8.0.0.120
OR
huaweibla-tl00bMatch8.0.0.120d
OR
huaweibla-tl00bMatch8.0.0.125
OR
huaweibla-tl00bMatch8.0.0.125
OR
huaweibla-tl00bMatch8.0.0.125
OR
huaweibla-tl00bMatch8.0.0.126
OR
huaweibla-tl00bMatch8.0.0.126
OR
huaweibla-tl00bMatch8.0.0.126d
OR
huaweibla-tl00bMatch8.0.0.127
OR
huaweibla-tl00bMatch8.0.0.128
OR
huaweibla-tl00bMatch8.0.0.128d
OR
huaweibla-tl00bMatch8.0.0.129
OR
huaweibla-tl00bRange<10.0.0.170
OR
huaweibla-tl00bRange<9.0.0.125
OR
huaweiberkeley-al20Range<8.0.0.202
OR
huaweiberkeley-l09Range<8.0.0.169
OR
huaweiberkeley-l09Range<8.0.0.169
OR
huaweiberkeley-l09Range<8.0.0.169
OR
huaweicolumbia-tl00dRange<8.1.0.181
OR
huaweicolumbia-al10bMatch8.1.0.163
OR
huaweicolumbia-tl00dRange<8.1.0.181
OR
huaweicornell-al00a_firmwareRange<8.2.0.150
OR
huaweicornell-al00a_firmwareRange<9.1.0.346
OR
huaweicornell-l29aRange<8.2.0.132
OR
huaweicornell-tl10bMatch8.2.0.132
OR
huaweidelhi-l42Range<Delhi-L42C185B123
OR
huaweidelhi-l42Range<Delhi-L42C432B136
OR
huaweiduke-l09Matchduke-l09c10b187
OR
huaweiduke-l09Matchduke-l09c432b189
OR
huaweiduke-l09Matchduke-l09c636b189
OR
huaweiemily-l29cRange<8.1.0.154
OR
huaweiemily-l29cRange<9.0.0.159
OR
huaweieulerosMatch2.1.11
OR
huaweieulerosMatch2.1.6
OR
huaweieulerosMatch2.2.rc3
OR
huaweieulerosMatch2.2.rc5
OR
huaweieulerosMatchv200r002c10
OR
huaweieulerosMatchv200r002c20
OR
huaweieulerosMatchv200r003c00
OR
huaweieulerosMatchv200r003c00spc200
OR
huaweieulerosMatchv200r003c00spc503
OR
huaweieulerosMatchv200r003c00spc509
OR
huaweieulerosMatchv200r003c00spc609
OR
huaweieulerosMatchv200r005c00
OR
huaweieulerosMatchv200r005c00spc100
OR
huaweieulerosMatchv200r005c00spc200
OR
huaweieulerosMatchv200r005c00spc300
OR
huaweieulerosMatchv200r005c00spc310
OR
huaweieulerosMatchv200r005c00spc317
OR
huaweieulerosMatchv200r005c00spc318
OR
huaweieulerosMatchv200r007c00spc200
OR
huaweiflorida-al10bMatch8.0.0.120
OR
huaweifusioncomputeMatch6.3.0
OR
huaweifusioncomputeMatch6.3.rc1
OR
huaweifusionsphere_openstackMatchv100r006c00
OR
huaweifusionsphere_openstackMatchv100r006c00rc1
OR
huaweifusionsphere_openstackMatchv100r006c00rc2
OR
huaweifusionsphere_openstackMatchv100r006c00u1
OR
huaweifusionsphere_openstackMatchv100r006c10
OR
huaweifusionsphere_openstackMatchv100r006c10rc1
OR
huaweifusionsphere_openstackMatchv100r006c10rc1b060
OR
huaweifusionsphere_openstackMatchv100r006c10rc2
OR
huaweifusionsphere_openstackMatchv100r006c10spc002b010
OR
huaweifusionsphere_openstackMatchv100r006c10spc100
OR
huaweifusionsphere_openstackMatchv100r006c10spc110
OR
huaweifusionsphere_openstackMatchv100r006c10spc200
OR
huaweifusionsphere_openstackMatchv100r006c10spc200b030
OR
huaweifusionsphere_openstackMatchv100r006c10spc301
OR
huaweifusionsphere_openstackMatchv100r006c10spc500
OR
huaweifusionsphere_openstackMatchv100r006c10spc530
OR
huaweifusionsphere_openstackMatchv100r006c10spc600
OR
huaweifusionsphere_openstackMatchv100r006c10u10
OR
huaweifusionsphere_openstackMatchv100r006c10u20
OR
huaweifusionsphere_openstackMatchv100r006c30
OR
huaweifusionsphere_openstackMatchv100r006c30spc100
OR
huaweimate_20_firmwareMatch9.0.0.107
OR
huaweimate_20_firmwareMatch9.0.0.107
OR
huaweimate_20_firmwareMatchpatch01_cold_ldac_01
OR
huaweimate_20_pro_firmwareMatch9.0.0.108
OR
huaweimate_20_pro_firmwareMatch9.0.0.108
OR
huaweimate_20_pro_firmwareMatch9.0.0.108
OR
huaweimate_20_pro_firmwareMatch9.0.0.108
OR
huaweimate_20_pro_firmwareMatch9.0.0.108
OR
huaweimate_20_pro_firmwareMatch9.0.0.109
OR
huaweimate_20_pro_firmwareMatch9.0.0.109
OR
huaweimate_20_x_firmwareRange<9.0.0.117
OR
huaweihuawei_p20Match8.1.0.105
OR
huaweihuawei_p20Match8.1.0.105d
OR
huaweihuawei_p20Match8.1.0.106
OR
huaweihuawei_p20Match8.1.0.106d
OR
huaweihuawei_p20Match8.1.0.107
OR
huaweihuawei_p20Match8.1.0.107d
OR
huaweihuawei_p20Match8.1.0.108
OR
huaweihuawei_p20Match8.1.0.108
OR
huaweihuawei_p20Match8.1.0.108d
OR
huaweihuawei_p20Match8.1.0.109
OR
huaweihuawei_p20Match8.1.0.112
OR
huaweihuawei_p20Match8.1.0.123
OR
huaweihuawei_p20Match8.1.0.132
OR
huaweihuawei_p20Match8.1.0.150
OR
huaweihuawei_p20Match8.1.0.152d
OR
huaweihuawei_p20Match8.1.0.153
OR
huaweihuawei_p20Match8.1.0.167
OR
huaweihuawei_p20Range<8.1.0.167
OR
huaweihuawei_p20Range<9.0.0.125
OR
huaweihuawei_p20Range<9.0.0.125
OR
huaweihuawei_p20Match8.1.0.106
OR
huaweihuawei_p20Match8.1.0.106d
OR
huaweihuawei_p20Match8.1.0.107
OR
huaweihuawei_p20Match8.1.0.107d
OR
huaweihuawei_p20Match8.1.0.108
OR
huaweihuawei_p20Match8.1.0.108
OR
huaweihuawei_p20Match8.1.0.108d
OR
huaweihuawei_p20Match8.1.0.109
OR
huaweihuawei_p20Match8.1.0.111
OR
huaweihuawei_p20Match8.1.0.123
OR
huaweihuawei_p20Match8.1.0.132
OR
huaweihuawei_p20Match8.1.0.150
OR
huaweihuawei_p20Match8.1.0.152
OR
huaweihuawei_p20Match8.1.0.167
OR
huaweihuawei_p20Match8.1.0.176
OR
huaweihuawei_p20Range<8.1.0.152
OR
huaweihuawei_p20Range<8.1.0.167
OR
huaweihuawei_p20Range<9.0.0.125
OR
huaweihuawei_y6_prime_2018Range<8.0.0.143
OR
huaweihonor_view_10Range<8.1.0.132
OR
huaweijimmy-al00a_firmwareRange<Jimmy-AL00AC00B172
OR
huaweijimmy-tl00aRange<Jimmy-TL00AC01B172
OR
huaweijohnson-al10cRange<9.0.1.156
OR
huaweilon-l29dMatchlon-l29dc721b192
OR
huaweilaya-al00epMatch9.0.0.107
OR
huaweilelandp-al10dRange<9.1.0.141
OR
huaweilelandp-l22dMatch8.0.0.138
OR
huaweilondon-al00bRange<8.0.0.215
OR
huaweilondon-al00cRange<8.0.0.215
OR
huaweilondon-al00dRange<8.0.0.215
OR
huaweilondon-al10Range<8.0.0.215
OR
huaweilondon-al30aRange<8.0.0.215
OR
huaweilondon-al30bRange<8.0.0.215
OR
huaweilondon-al30iMatch8.0.0.150
OR
huaweilondon-al30inRange<8.0.0.166
OR
huaweilondon-al40Range<8.0.0.215
OR
huaweilondon-al40bRange<8.0.0.215
OR
huaweilondon-al40iMatch8.0.0.150
OR
huaweilondon-l29Range<8.0.0.135
OR
huaweilondon-tl00bRange<8.0.0.215
OR
huaweilondon-tl00cRange<8.0.0.215
OR
huaweilondon-tl10Range<8.0.0.215
OR
huaweilondon-tl40Match8.0.0.210
OR
huaweilondon-tl40bRange<8.0.0.215
OR
huaweineo-al00dMatch8.1.0.175
OR
huaweineo-al00dRange<8.1.0.167
OR
huaweioceanstor_18500_firmwareMatchv300r006c01
OR
huaweioceanstor_18800_firmwareMatchv300r006c01
OR
huaweioceanstor_5300_firmwareMatchv300r006c01
OR
huaweioceanstor_5600_v3_firmwareMatchv300r006c01
OR
huaweioceanstor_5800_v3Matchv300r006c01
OR
huaweiprinceton-al10dRange<10.1.0.160
OR
huaweitoronto-l21Range<Toronto-L21C10B176CUSTC10D001
OR
huaweitoronto-l21Range<Toronto-L21C432B181CUSTC432D001
OR
huaweitoronto-l21Range<Toronto-L21C569B180CUSTC569D001
OR
huaweiusg6000vMatchv500r001c10
OR
huaweiusg6000vMatchv500r001c20
OR
huaweiusg6000vMatchv500r003c00
OR
huaweiusg6000vMatchv500r005c00

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.783

Percentile

98.3%