AVG-761

Package linux-zen
Status Fixed
Severity High
Type denial of service
Affected 4.18.zen1-1
Fixed 4.19.1.zen1-1
Current 4.19.8.zen2-1 [extra]
Ticket None
Created Fri Aug 17 22:09:48 2018
Issue Severity Remote Type Description
CVE-2018-5391 High Yes Denial of service
A flaw named FragmentSmack was found in the way the Linux kernel handled reassembly of fragmented IPv4 and IPv6 packets. A remote attacker could use this...
Notes
Fixed in commits:
  5d407b071dc3 ip: frags: fix crash in ip_do_fragment()
  d5c7c9f88e76 Merge remote-tracking branch 'algodev/bfq-mq' into HEAD
  a4fd284a1f8f ip: process in-order fragments efficiently
  353c9cb36087 ip: add helpers to process in-order fragments faster.
  70837ffe3085 ipv4: frags: precedence bug in ip_expire()
  fa0f527358bd ip: use rb trees for IP frag queue.
  7969e5c40dfd ip: discard IPv4 datagrams with overlapping segments.
  89b1698c93a9 Merge ra.kernel.org:/pub/scm/linux/kernel/git/davem/net