Lucene search

K
ubuntucveUbuntu.comUB:CVE-2018-14641
HistorySep 18, 2018 - 12:00 a.m.

CVE-2018-14641

2018-09-1800:00:00
ubuntu.com
ubuntu.com
8

0.003 Low

EPSS

Percentile

71.4%

A security flaw was found in the ip_frag_reasm() function in
net/ipv4/ip_fragment.c in the Linux kernel from 4.19-rc1 to 4.19-rc3
inclusive, which can cause a later system crash in ip_do_fragment(). With
certain non-default, but non-rare, configuration of a victim host, an
attacker can trigger this crash remotely, thus leading to a remote
denial-of-service.

Notes

Author Note
sbeattie this vulnerability is a result of the fix for CVE-2018-5391/FragmentSmack; however, an alternative fix for CVE-2018-5391 was to revert c2a936600f78aea00d3312ea4b66a79a4619f9b4, which is what the Ubuntu kernels used.