AVG-762

Package linux-hardened
Status Fixed
Severity High
Type denial of service
Affected 4.18.1.a-1
Fixed 4.19.4.a-1
Current 4.19.8.a-1 [extra]
Ticket None
Created Fri Aug 17 22:11:26 2018
Advisory Pending
Issue CVE-2018-5391
Severity High
Remote Yes
Type Denial of service
Description A flaw named FragmentSmack was found in the way the Linux kernel handled reassembly of fragmented IPv4 and IPv6 packets. A remote attacker could use this...
Notes
Fixed in the following commits of the linux-hardened repository:
  353c9cb36087 ip: add helpers to process in-order fragments faster.
  70837ffe3085 ipv4: frags: precedence bug in ip_expire()
  fa0f527358bd ip: use rb trees for IP frag queue.
  7969e5c40dfd ip: discard IPv4 datagrams with overlapping segments.