Lucene search

K
huaweiHuawei TechnologiesHUAWEI-SA-20190123-01-LINUX
HistoryJan 23, 2019 - 12:00 a.m.

Security Advisory - FragmentSmack Vulnerability in Linux Kernel

2019-01-2300:00:00
Huawei Technologies
www.huawei.com
48

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.017

Percentile

87.7%

There is a DoS vulnerability in the Linux Kernel versions 3.9+ known as a FragmentSmack attack. Remote attackers could send fragmented IPv4 or IPv6 packets to the affected device to trigger time and calculation reassembly algorithms that could consume excessive CPU resources, resulting in a DoS condition. (Vulnerability ID: HWPSIRT-2018-08115)

This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2018-5391.

Huawei has released software updates to fix this vulnerability. This advisory is available at the following link:

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190123-01-linux-en

Affected configurations

Vulners
Node
huaweiatomu-l03Range<8.0.0.144
OR
huaweiatomu-l11Range<8.0.0.144
OR
huaweiatomu-l21Range<8.0.0.140
OR
huaweiatomu-l23Range<8.0.0.144
OR
huaweiatomu-l29aRange<8.0.0.137
OR
huaweiatomu-l29aRange<8.0.0.142
OR
huaweiatomu-l29aRange<8.0.0.142
OR
huaweiatomu-l29aRange<8.0.0.162
OR
huaweiatomu-l41Range<8.0.0.143
OR
huaweiatomu-l42Range<8.0.0.143
OR
huaweibla-l09cRange<9.0.0.159
OR
huaweibla-l09cRange<9.0.0.160
OR
huaweibla-l09cRange<9.0.0.161
OR
huaweibla-l29cRange<8.0.0.151
OR
huaweibla-l29cRange<9.0.0.159
OR
huaweibla-l29cRange<9.0.0.159
OR
huaweibla-l29cRange<9.0.0.160
OR
huaweibla-l29cRange<9.0.0.161
OR
huaweibla-tl00bRange<9.0.0.156
OR
huaweicharlotte-l09cRange<9.0.0.159
OR
huaweicharlotte-l09cRange<9.0.0.161
OR
huaweicharlotte-l09cRange<9.0.0.163
OR
huaweicharlotte-l29cRange<9.0.0.159
OR
huaweicharlotte-l29cRange<9.0.0.161
OR
huaweicharlotte-l29cRange<9.0.0.163
OR
huaweicharlotte-l29cRange<9.0.0.168
OR
huaweicornell-al00indRange<9.1.0.331
OR
huaweiduke-l09Matchduke-l09c636b189
OR
huaweiemily-l09cRange<9.0.0.159
OR
huaweiemily-l09cRange<9.0.0.160
OR
huaweiemily-l09cRange<9.0.0.161
OR
huaweiemily-l29cRange<8.1.0.154
OR
huaweiemily-l29cRange<9.0.0.159
OR
huaweiemily-l29cRange<9.0.0.159
OR
huaweiemily-l29cRange<9.0.0.160
OR
huaweiemily-l29cRange<9.0.0.161
OR
huaweiemily-l29cRange<9.0.0.168
OR
huaweieulerosMatch2.2.rc3
OR
huaweieulerosMatch2.2.rc5
OR
huaweieulerosMatchv200r002c20
OR
huaweieulerosMatchv200r003c00
OR
huaweieulerosMatchv200r005c00
OR
huaweifigo-l11Range<8.0.0.138
OR
huaweifigo-l11Range<8.0.0.159
OR
huaweifigo-l31Range<8.0.0.125
OR
huaweifigo-l31Range<8.0.0.137
OR
huaweifusionsphere_openstackMatchv100r006c00
OR
huaweifusionsphere_openstackMatchv100r006c00rc2
OR
huaweifusionsphere_openstackMatchv100r006c10
OR
huaweifusionsphere_openstackMatchv100r006c10rc1
OR
huaweifusionsphere_openstackMatchv100r006c10rc2
OR
huaweifusionsphere_openstackMatchv100r006c10spc100
OR
huaweifusionsphere_openstackMatchv100r006c10spc200
OR
huaweifusionsphere_openstackMatchv100r006c10spc301
OR
huaweifusionsphere_openstackMatchv100r006c10spc500
OR
huaweifusionsphere_openstackMatchv100r006c10spc530
OR
huaweifusionsphere_openstackMatchv100r006c10spc600
OR
huaweifusionsphere_openstackMatchv100r006c10u10
OR
huaweifusionsphere_openstackMatchv100r006c10u20
OR
huaweifusionsphere_openstackMatchv100r006c30
OR
huaweifusionsphere_openstackMatchv100r006c30spc100
OR
huaweihuawei_p20Match8.1.0.175
OR
huaweihuawei_p20Match8.1.0.176
OR
huaweihuawei_y6_2018Match8.0.0.133
OR
huaweihuawei_y6_prime_2018Match8.0.0.142
OR
huaweihuawei_y7_2018Match8.0.0.141
OR
huaweijimmy-tl00aRange<Jimmy-TL00AC01B172
OR
huaweileland-al10bRange<8.0.0.133
OR
huaweilondon-al40bRange<8.0.0.216
OR
huaweilondon-tl40bRange<8.0.0.216
OR
huaweineo-al00dMatch8.1.0.175
OR
huaweis6700Matchv200r008c00
OR
huaweiselina-l02Range<Selina-L02C432B159
OR
huaweitoronto-l01Range<Toronto-L01C464B164CUSTC464D001
OR
huaweitoronto-l03Range<Toronto-L03C469B191CUSTC469D001
OR
huaweitoronto-l21Range<Toronto-L21C10B178CUSTC10D001
OR
huaweitoronto-l21Range<Toronto-L21C432B181CUSTC432D001
OR
huaweitoronto-l21Range<Toronto-L21C569B182CUSTC569D001
OR
huaweitoronto-l22Range<Toronto-L22C636B189CUSTC636D001
OR
huaweitoronto-l23Range<Toronto-L23C469B190CUSTC469D001

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.017

Percentile

87.7%