- CVE-2018-5390
- Suggested Configuration
- OR
  - cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 3.18.0 up to (excluding) 3.18.117
  - cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 4.14.0 up to (excluding) 4.14.59
  - cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 4.17.0 up to (excluding) 4.17.11
  - cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 4.4.0 up to (excluding) 4.4.145
  - cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 4.4.0 up to (excluding) 4.4.161
  - cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 4.9.0 up to (excluding) 4.9.116
  - cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 4.9.0 up to (excluding) 4.9.119
- Reference
- https://bugzilla.redhat.com/show_bug.cgi?id=1601704
- https://github.com/torvalds/linux/commit/3d4bf93ac12003f9b8e1e2de37fe27983deebdcf
- https://github.com/torvalds/linux/commit/58152ecbbcc6a0ce7fddd5bf5f6ee535834ece0c
- https://github.com/torvalds/linux/commit/72cd43ba64fc172a443410ce01645895850844c8
- https://github.com/torvalds/linux/commit/8541b21e781a22dce52a74fef0b9bed00404a1cd
- https://github.com/torvalds/linux/commit/f4a3313d8e2ca9fd8d8f45e40a2903ba782607e7
- https://www.kernel.org/pub//linux/kernel/v3.x/ChangeLog-3.18.117
- https://www.kernel.org/pub//linux/kernel/v4.x/ChangeLog-4.14.59
- https://www.kernel.org/pub//linux/kernel/v4.x/ChangeLog-4.17.11
- https://www.kernel.org/pub//linux/kernel/v4.x/ChangeLog-4.4.145
- https://www.kernel.org/pub//linux/kernel/v4.x/ChangeLog-4.4.161
- https://www.kernel.org/pub//linux/kernel/v4.x/ChangeLog-4.9.116
- https://www.kernel.org/pub//linux/kernel/v4.x/ChangeLog-4.9.119
- Reference (Commit)
- tcp: detect malicious patterns in tcp_collapse_ofo_queue()
- Fixed by
- - (3d4bf93ac12003f9b8e1e2de37fe27983deebdcf) (upstream)
- 3.18.117 (d932145a840ebc81e7a029a0531cad8f7a1f0932)
- 4.14.59 (6285a74a536f1ee807488436547cc17cda3306d8)
- 4.17.11 (81a4582f7dc8c3fbf06b2cb6c0bc13d8f372c637)
- 4.4.145 (dc6ae4dffd656811dee7151b19545e4cd839d378)
- 4.9.116 (a878681484a0992ee3dfbd7826439951f9f82a69)
- Will be introduced by
- 2.6.12 (1da177e4c3f4)
- tcp: avoid collapses in tcp_prune_queue() if possible
- Fixed by
- - (f4a3313d8e2ca9fd8d8f45e40a2903ba782607e7) (upstream)
- 3.18.117 (25c28af9ee6a9cfeeb9245e174b3b65d70e614b2)
- 4.14.59 (81e6b01d1c10015811f52bf04ec125bdb291b4b5)
- 4.17.11 (4971f342bd35500fa71d1cbbcc610524ef0a7531)
- 4.4.145 (5fbec4801264cb3279ef6ac9c70bcbe2aaef89d5)
- 4.9.116 (fdf258ed5dd85b57cf0e0e66500be98d38d42d02)
- Will be introduced by
- 2.6.12 (1da177e4c3f4)
- tcp: add tcp_ooo_try_coalesce() helper
- Fixed by
- - (58152ecbbcc6a0ce7fddd5bf5f6ee535834ece0c) (upstream)
- 4.14.59 (22e3d3178b18115ba60cae7c968a67718f070da0)
- 4.17.11 (840e03915bcd08a103beed7c4ee3b78989570aed)
- 4.4.161 (eee1af4e268e10fecb76bce42a8d7343aeb2a5e6)
- 4.9.119 (36ee106e844187e3fc612c9b87f12e5e23e9d8a5)
- Will be introduced by
- tcp: call tcp_drop() from tcp_data_queue_ofo()
- Fixed by
- - (8541b21e781a22dce52a74fef0b9bed00404a1cd) (upstream)
- 4.14.59 (ec645ae62309a85522c2bc8f700afc6e152e62b9)
- 4.17.11 (9ad090e6d0eecdc7978de4f952ff93676b2fcd03)
- 4.4.161 (be288481479ca8c1beba02a7e779ffeaa11f1597)
- 4.9.116 (94623c7463f3424776408df2733012c42b52395a)
- Will be introduced by
- 4.4.161 (4666b6e2b27d)
- https://github.com/torvalds/linux/commit/9f5afeae5152
- tcp: free batches of packets in tcp_prune_ofo_queue()
- Fixed by
- - (72cd43ba64fc172a443410ce01645895850844c8) (upstream)
- 4.14.59 (f3a5ba6310e11df370f6888ed716d1486896d983)
- 4.17.11 (db11182a1e38e7149804962111622b15bd9aeff2)
- 4.4.161 (352b66932a23fb11f0a7c316361220648bca3c79)
- 4.9.116 (2d08921c8da26bdce3d8848ef6f32068f594d7d4)
- Will be introduced by
- https://github.com/torvalds/linux/commit/36a6503fedda
- I checked
- XXXXXXXXXXXXXXXXXXXXXXXXXXXX is written as the upstream commit in each ChangeLog
- From the XXXXXXXX commit page, XXXXXXXXXXX is the oldest in the commit-branches area
- For 3.16.35, there is a related post on LKML
- For the 3.16 series, 3.16.35 is the next release after 3.16.7, which was released in 2014
- https://mirrors.edge.kernel.org/pub/linux/kernel/v3.x/
- XXXX
- [CVE Configuration Update Request] Update Suggestion - CVE-2018-5390 - Cvss2 : 7.8
- [CVE Configuration Update Request] Update Suggestion - CVE-2018-5390 - Cvss3 : 7.5
- https://www.linuxkernelcves.com/cves/CVE-2018-5390
- https://gitlab.com/cip-project/cip-kernel/cip-kernel-sec/-/blob/master/issues/CVE-2018-5390.yml
- https://github.com/witchcraze/NVD_CHECK/blob/main/kernel/CVE-2018-5390.json