7.8

CVE-2018-5390

Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service.

Data is provided by the National Vulnerability Database (NVD)
Redhat: Virtualization Version 4.0
Linux: Linux Kernel Version >= 4.9 < 4.18
Linux: Linux Kernel Version 4.18 Update rc1
Linux: Linux Kernel Version 4.18 Update rc2
Linux: Linux Kernel Version 4.18 Update rc3
Linux: Linux Kernel Version 4.18 Update rc4
Linux: Linux Kernel Version 4.18 Update rc5
Linux: Linux Kernel Version 4.18 Update rc6
Canonical: Ubuntu Linux Version 12.04 SwEdition esm
Canonical: Ubuntu Linux Version 14.04 SwEdition lts
Canonical: Ubuntu Linux Version 16.04 SwEdition lts
Canonical: Ubuntu Linux Version 18.04 SwEdition lts
Debian: Debian Linux Version 8.0
Debian: Debian Linux Version 9.0
Hp: Aruba Airwave Amp Version < 8.2.7.1
Hp: Aruba Clearpass Policy Manager Version >= 6.6.0 <= 6.6.9
Hp: Aruba Clearpass Policy Manager Version >= 6.7.0 <= 6.7.5
F5: Big-ip Access Policy Manager Version >= 11.5.1 <= 11.6.3
F5: Big-ip Access Policy Manager Version >= 12.1.0 <= 12.1.3
F5: Big-ip Access Policy Manager Version >= 13.0.0 <= 13.1.1
F5: Big-ip Access Policy Manager Version 14.0.0
F5: Big-ip Advanced Firewall Manager Version >= 11.5.1 <= 11.6.3
F5: Big-ip Advanced Firewall Manager Version >= 12.1.0 <= 12.1.3
F5: Big-ip Advanced Firewall Manager Version >= 13.0.0 <= 13.1.1
F5: Big-ip Analytics Version >= 11.5.1 <= 11.6.3
F5: Big-ip Analytics Version >= 12.1.0 <= 12.1.3
F5: Big-ip Analytics Version >= 13.0.0 <= 13.1.1
F5: Big-ip Analytics Version 14.0.0
F5: Big-ip Application Acceleration Manager Version >= 11.5.1 <= 11.6.3
F5: Big-ip Application Acceleration Manager Version >= 12.1.0 <= 12.1.3
F5: Big-ip Application Acceleration Manager Version >= 13.0.0 <= 13.1.1
F5: Big-ip Application Security Manager Version >= 11.5.1 <= 11.6.3
F5: Big-ip Application Security Manager Version >= 12.1.0 <= 12.1.3
F5: Big-ip Application Security Manager Version >= 13.0.0 <= 13.1.1
F5: Big-ip Domain Name System Version >= 11.5.1 <= 11.6.3
F5: Big-ip Domain Name System Version >= 12.1.0 <= 12.1.3
F5: Big-ip Domain Name System Version >= 13.0.0 <= 13.1.1
F5: Big-ip Domain Name System Version 14.0.0
F5: Big-ip Edge Gateway Version >= 11.5.1. <= 11.6.3
F5: Big-ip Edge Gateway Version >= 12.1.0 <= 12.1.3
F5: Big-ip Edge Gateway Version >= 13.0.0 <= 13.1.1
F5: Big-ip Edge Gateway Version 14.0.0
F5: Big-ip Fraud Protection Service Version >= 11.5.1 <= 11.6.3
F5: Big-ip Fraud Protection Service Version >= 12.1.0 <= 12.1.3
F5: Big-ip Fraud Protection Service Version >= 13.0.0 <= 13.1.1
F5: Big-ip Global Traffic Manager Version >= 11.5.1 <= 11.6.3
F5: Big-ip Global Traffic Manager Version >= 12.1.0 <= 12.1.3
F5: Big-ip Global Traffic Manager Version >= 13.0.0 <= 13.1.1
F5: Big-ip Global Traffic Manager Version 14.0.0
F5: Big-ip Link Controller Version >= 11.5.1 <= 11.6.3
F5: Big-ip Link Controller Version >= 12.1.0 <= 12.1.3
F5: Big-ip Link Controller Version >= 13.0.0 <= 13.1.1
F5: Big-ip Link Controller Version 14.0.0
F5: Big-ip Local Traffic Manager Version >= 11.5.1 <= 11.6.3
F5: Big-ip Local Traffic Manager Version >= 12.0.0 <= 12.1.3
F5: Big-ip Local Traffic Manager Version > 13.0.0 <= 13.1.1
F5: Big-ip Local Traffic Manager Version 14.0.0
F5: Big-ip Policy Enforcement Manager Version >= 11.5.1 <= 11.6.3
F5: Big-ip Policy Enforcement Manager Version >= 12.1.0 <= 12.1.3
F5: Big-ip Policy Enforcement Manager Version >= 13.0.0 <= 13.1.1
F5: Big-ip Webaccelerator Version >= 11.5.1 <= 11.6.3
F5: Big-ip Webaccelerator Version >= 12.1.0 <= 12.1.3
F5: Big-ip Webaccelerator Version >= 13.0.0 <= 13.1.1
F5: Big-ip Webaccelerator Version 14.0.0
F5: Traffix Systems Signaling Delivery Controller Version >= 5.0.0 <= 5.1.0
A10networks: Advanced Core Operating System Version 3.2.2 Update p5
A10networks: Advanced Core Operating System Version 4.1.0 Update p11
A10networks: Advanced Core Operating System Version 4.1.1 Update p8
A10networks: Advanced Core Operating System Version 4.1.2 Update p4
A10networks: Advanced Core Operating System Version 4.1.4 Update p1
Cisco: Expressway Version x8.10
Cisco: Expressway Version x8.10.1
Cisco: Expressway Version x8.10.2
Cisco: Expressway Version x8.10.3
Cisco: Expressway Version x8.10.4
Cisco: Expressway Version x8.11
Cisco: Expressway Series Version -
Cisco: Meeting Management Version 1.0
Cisco: Meeting Management Version 1.0.1
Cisco: Network Assurance Engine Version 2.1(1a)
Cisco: Threat Grid-cloud Version -
Cisco: Webex Video Mesh Version -
Cisco: Telepresence Conductor Firmware Version xc4.3.1
   Cisco: Telepresence Conductor Version -
Cisco: Telepresence Conductor Firmware Version xc4.3.2
   Cisco: Telepresence Conductor Version -
Cisco: Telepresence Conductor Firmware Version xc4.3.3
   Cisco: Telepresence Conductor Version -
Cisco: Telepresence Conductor Firmware Version xc4.3.4
   Cisco: Telepresence Conductor Version -
No CISA KEV or CERT.AT warning was found for this CVE.

EPSS Metrics
Type | Source | Score | Percentile
EPSS | FIRST.org | 3.92% | 0.879

CVSS Metrics
Source | Base Score | Exploit Score | Impact Score | Vector string
nvd@nist.gov | 7.5 | 3.9 | 3.6 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov | 7.8 | 10 | 6.9 | AV:N/AC:L/Au:N/C:N/I:N/A:C

CWE-400 Uncontrolled Resource Consumption

The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.

https://usn.ubuntu.com/3742-1/ (Third Party Advisory)
https://usn.ubuntu.com/3742-2/ (Third Party Advisory)
http://www.securityfocus.com/bid/104976 (Third Party Advisory, VDB Entry)
http://www.securitytracker.com/id/1041424 (Third Party Advisory, VDB Entry)
http://www.securitytracker.com/id/1041434 (Third Party Advisory, VDB Entry)
https://usn.ubuntu.com/3732-1/ (Third Party Advisory)
https://usn.ubuntu.com/3732-2/ (Third Party Advisory)
https://usn.ubuntu.com/3741-1/ (Third Party Advisory)
https://usn.ubuntu.com/3741-2/ (Third Party Advisory)
https://usn.ubuntu.com/3763-1/ (Third Party Advisory)
https://www.kb.cert.org/vuls/id/962459 (Third Party Advisory, US Government Resource)