AVG-762 log

Package	linux-hardened
Status	Fixed
Severity	High
Type	denial of service
Affected	4.18.1.a-1
Fixed	4.19.4.a-1
Current	6.8.7.hardened1-3 [extra-testing] 6.8.7.hardened1-2 [extra]
Ticket	None
Created	Fri Aug 17 22:11:26 2018

Issue	Severity	Remote	Type	Description
CVE-2018-5391	High	Yes	Denial of service	A flaw named FragmentSmack was found in the way the Linux kernel handled reassembly of fragmented IPv4 and IPv6 packets. A remote attacker could use this...

Notes
fixed in commits of the linux-hardened repository: 353c9cb36087 ip: add helpers to process in-order fragments faster. 70837ffe3085 ipv4: frags: precedence bug in ip_expire() fa0f527358bd ip: use rb trees for IP frag queue. 7969e5c40dfd ip: discard IPv4 datagrams with overlapping segments.

Notes

fixed in commits of the linux-hardened repository:
  353c9cb36087 ip: add helpers to process in-order fragments faster.
  70837ffe3085 ipv4: frags: precedence bug in ip_expire()
  fa0f527358bd ip: use rb trees for IP frag queue.
  7969e5c40dfd ip: discard IPv4 datagrams with overlapping segments.