---

CVE-2018-5391 - log back

CVE-2018-5391 created at 25 Sep 2019 19:31:40
Severity	+ High
Remote	+ Remote
Type	+ Denial of service
Description	+ A flaw named FragmentSmack was found in the way the Linux kernel handled reassembly of fragmented IPv4 and IPv6 packets. A remote attacker could use this flaw to trigger time and calculation expensive fragment reassembly algorithm by sending specially crafted packets which could lead to a CPU saturation and hence a denial of service on the system.
References	+ https://access.redhat.com/articles/3553061 + https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c30f1fc041b74ecdb072dd44f858750414b8b19f
Notes