CVE-2018-5391 in Ubuntu

CVE-2018-5391

Priority

Description

The Linux kernel, versions 3.9+, is vulnerable to a denial of service
attack with low rates of specially modified packets targeting IP fragment
re-assembly. An attacker may cause a denial of service condition by sending
specially crafted IP fragments. Various vulnerabilities in IP fragmentation
have been discovered and fixed over the years. The current vulnerability
(CVE-2018-5391) became exploitable in the Linux kernel with the increase of
the IP fragment reassembly queue size.

Ubuntu-Description

Juha-Matti Tilli discovered that the IP implementation in the Linux kernel
performed algorithmically expensive operations in some situations when
handling incoming packet fragments. A remote attacker could use this to
cause a denial of service.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5391
https://www.kb.cert.org/vuls/id/641765
https://ubuntu.com/security/notices/USN-3740-1
https://ubuntu.com/security/notices/USN-3740-2
https://ubuntu.com/security/notices/USN-3741-1
https://ubuntu.com/security/notices/USN-3741-2
https://ubuntu.com/security/notices/USN-3742-1
https://ubuntu.com/security/notices/USN-3742-2

Notes

tyhicks

CERT recommends reverting c2a936600f78aea00d3312ea4b66a79a4619f9b4

Package

Source: linux (LP Ubuntu Debian)

Upstream:	released (4.19~rc4)
Ubuntu 18.04 LTS:	released (4.15.0-32.35)
Ubuntu 16.04 ESM:	released (4.4.0-133.159)
Ubuntu 14.04 ESM:	released (3.13.0-155.205)

Patches:

Introduced by c2a936600f78aea00d3312ea4b66a79a4619f9b4	Fixed by 7969e5c40dfd04799d4341f1b7cd266b6e47f227\|local-2018-5391-fix
Introduced by c2a936600f78aea00d3312ea4b66a79a4619f9b4	Fixed by 385114dec8a49b5e5945e77ba7de6356106713f4\|local-2018-5391-fix
Introduced by c2a936600f78aea00d3312ea4b66a79a4619f9b4	Fixed by fa0f527358bd900ef92f925878ed6bfbd51305cc\|local-2018-5391-fix
Introduced by c2a936600f78aea00d3312ea4b66a79a4619f9b4	Fixed by 70837ffe3085c9a91488b52ca13ac84424da1042\|local-2018-5391-fix
Introduced by c2a936600f78aea00d3312ea4b66a79a4619f9b4	Fixed by 5d407b071dc369c26a38398326ee2be53651cfe4\|local-2018-5391-fix

Package

Source: linux-aws (LP Ubuntu Debian)

Upstream:	released (4.19~rc4)
Ubuntu 18.04 LTS:	released (4.15.0-1019.19)
Ubuntu 16.04 ESM:	released (4.4.0-1065.75)
Ubuntu 14.04 ESM:	released (4.4.0-1027.30)

Patches:

Package

Source: linux-azure (LP Ubuntu Debian)

Upstream:	released (4.19~rc4)
Ubuntu 18.04 LTS:	released (4.15.0-1021.21)
Ubuntu 16.04 ESM:	released (4.15.0-1021.21~16.04.1)
Ubuntu 14.04 ESM:	not-affected (4.15.0-1023.24~14.04.1)

Patches:

Package

Source: linux-azure-edge (LP Ubuntu Debian)

Upstream:	released (4.19~rc4)
Ubuntu 18.04 LTS:	not-affected (4.18.0-1004.4~18.04.1)
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-euclid (LP Ubuntu Debian)

Upstream:	released (4.19~rc4)
Ubuntu 18.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-flo (LP Ubuntu Debian)

Upstream:	released (4.19~rc4)
Ubuntu 18.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE (trusty was ignored [abandoned])

Patches:

Package

Source: linux-gcp (LP Ubuntu Debian)

Upstream:	released (4.19~rc4)
Ubuntu 18.04 LTS:	released (4.15.0-1017.18)
Ubuntu 16.04 ESM:	released (4.15.0-1017.18~16.04.1)
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-gke (LP Ubuntu Debian)

Upstream:	released (4.19~rc4)
Ubuntu 18.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-goldfish (LP Ubuntu Debian)

Upstream:	released (4.19~rc4)
Ubuntu 18.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE (trusty was ignored [abandoned])

Patches:

Package

Source: linux-grouper (LP Ubuntu Debian)

Upstream:	released (4.19~rc4)
Ubuntu 18.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE (trusty was ignored [abandoned])

Patches:

Package

Source: linux-hwe (LP Ubuntu Debian)

Upstream:	released (4.19~rc4)
Ubuntu 18.04 LTS:	not-affected
Ubuntu 16.04 ESM:	released (4.15.0-32.35~16.04.1)
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-hwe-edge (LP Ubuntu Debian)

Upstream:	released (4.19~rc4)
Ubuntu 18.04 LTS:	not-affected (4.18.0-11.12~18.04.1)
Ubuntu 16.04 ESM:	released (4.15.0-32.35~16.04.1)
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-kvm (LP Ubuntu Debian)

Upstream:	released (4.19~rc4)
Ubuntu 18.04 LTS:	released (4.15.0-1019.19)
Ubuntu 16.04 ESM:	released (4.4.0-1031.37)
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-lts-trusty (LP Ubuntu Debian)

Upstream:	released (4.19~rc4)
Ubuntu 18.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-lts-utopic (LP Ubuntu Debian)

Upstream:	released (4.19~rc4)
Ubuntu 18.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE (trusty was ignored [out of standard support])

Patches:

Package

Source: linux-lts-vivid (LP Ubuntu Debian)

Upstream:	released (4.19~rc4)
Ubuntu 18.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE (trusty was ignored [out of standard support])

Patches:

Package

Source: linux-lts-wily (LP Ubuntu Debian)

Upstream:	released (4.19~rc4)
Ubuntu 18.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE (trusty was ignored [out of standard support])

Patches:

Package

Source: linux-lts-xenial (LP Ubuntu Debian)

Upstream:	released (4.19~rc4)
Ubuntu 18.04 LTS:	DNE
Ubuntu 14.04 ESM:	released (4.4.0-133.159~14.04.1)

Patches:

Package

Source: linux-maguro (LP Ubuntu Debian)

Upstream:	released (4.19~rc4)
Ubuntu 18.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE (trusty was ignored [abandoned])

Patches:

Package

Source: linux-mako (LP Ubuntu Debian)

Upstream:	released (4.19~rc4)
Ubuntu 18.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE (trusty was ignored [abandoned])

Patches:

Package

Source: linux-manta (LP Ubuntu Debian)

Upstream:	released (4.19~rc4)
Ubuntu 18.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE (trusty was ignored [abandoned])

Patches:

Package

Source: linux-oem (LP Ubuntu Debian)

Upstream:	released (4.19~rc4)
Ubuntu 18.04 LTS:	released (4.15.0-1015.18)
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-raspi2 (LP Ubuntu Debian)

Upstream:	released (4.19~rc4)
Ubuntu 18.04 LTS:	released (4.15.0-1020.22)
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-snapdragon (LP Ubuntu Debian)

Upstream:	released (4.19~rc4)
Ubuntu 18.04 LTS:	not-affected
Ubuntu 14.04 ESM:	DNE

Patches:

More Information

Updated: 2022-04-13 13:33:22 UTC (commit f411bd370d482ef4385c4e751d121a4055fbc009)