CVSS3 | 5.9 Medium |
---|---|
Attack Vector | NETWORK |
Attack Complexity | HIGH |
Privileges Required | NONE |
User Interaction | NONE |
Scope | UNCHANGED |
Confidentiality Impact | NONE |
Integrity Impact | NONE |
Availability Impact | HIGH |
Vector | CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |

CVSS2 | 7.1 High |
---|---|
Access Vector | NETWORK |
Access Complexity | MEDIUM |
Authentication | NONE |
Confidentiality Impact | NONE |
Integrity Impact | NONE |
Availability Impact | COMPLETE |
Vector | AV:N/AC:M/Au:N/C:N/I:N/A:C |

EPSS | 0.004 Low |
---|---|
Percentile | 71.7% |

A security flaw was found in the ip_frag_reasm() function in
net/ipv4/ip_fragment.c in the Linux kernel from 4.19-rc1 to 4.19-rc3
inclusive, which can cause a later system crash in ip_do_fragment(). With
certain non-default, but non-rare, configurations of a victim host, an
attacker can trigger this crash remotely, leading to a remote
denial of service.

Author | Note |
---|---|
sbeattie | this vulnerability is a result of the fix for CVE-2018-5391/FragmentSmack; however, an alternative fix for CVE-2018-5391 was to revert c2a936600f78aea00d3312ea4b66a79a4619f9b4, which is what the Ubuntu kernels used. |
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5d407b071dc369c26a38398326ee2be53651cfe4
launchpad.net/bugs/cve/CVE-2018-14641
nvd.nist.gov/vuln/detail/CVE-2018-14641
security-tracker.debian.org/tracker/CVE-2018-14641
www.cve.org/CVERecord?id=CVE-2018-14641
www.openwall.com/lists/oss-security/2018/09/18/1