CVE-2018-5390 (CNNVD-201808-175)
HIGH
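Chinese title:
Linux kernel input validation error vulnerability
English title:
Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service
CVSS score:
7.5
Published:
2018-08-06 20:00:00
Vulnerability type:
Resource management error
Status:
PUBLISHED
Data quality score:
0.30
Data version:
v3
Vulnerability description
Chinese description:
The Linux kernel is the kernel used by Linux, the open-source operating system released by the Linux Foundation (USA). Linux kernel versions 4.9+ contain an input validation error vulnerability. An attacker can exploit this vulnerability to cause a denial of service.
English description:
Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service.
CWE type:
CWE-400
Tags:
(No data)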
Affected products
| Vendor | Product | Version | Version range | Platform | CPE |
|---|---|---|---|---|---|
| Linux | Linux Kernel | - | < 4.9* | - | cpe:2.3:a:linux:linux_kernel:*:*:*:*:*:*:*:* |
| redhat | virtualization | 4.0 | - | - | cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:* |
| redhat | enterprise_linux_desktop | 7.0 | - | - | cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:* |
| redhat | enterprise_linux_server | 7.0 | - | - | cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:* |
| redhat | enterprise_linux_server_aus | 6.4 | - | - | cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:* |
| redhat | enterprise_linux_server_aus | 6.5 | - | - | cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:* |
| redhat | enterprise_linux_server_aus | 6.6 | - | - | cpe:2.3:o:redhat:enterprise_linux_server_aus:6.6:*:*:*:*:*:*:* |
| redhat | enterprise_linux_server_aus | 7.2 | - | - | cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:* |
| redhat | enterprise_linux_server_aus | 7.3 | - | - | cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:* |
| redhat | enterprise_linux_server_aus | 7.4 | - | - | cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:* |
| redhat | enterprise_linux_server_eus | 6.4 | - | - | cpe:2.3:o:redhat:enterprise_linux_server_eus:6.4:*:*:*:*:*:*:* |
| redhat | enterprise_linux_server_eus | 6.7 | - | - | cpe:2.3:o:redhat:enterprise_linux_server_eus:6.7:*:*:*:*:*:*:* |
| redhat | enterprise_linux_server_eus | 7.2 | - | - | cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:* |
| redhat | enterprise_linux_server_eus | 7.3 | - | - | cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:* |
| redhat | enterprise_linux_server_eus | 7.4 | - | - | cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:* |
| redhat | enterprise_linux_server_eus | 7.5 | - | - | cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:* |
| redhat | enterprise_linux_server_tus | 6.6 | - | - | cpe:2.3:o:redhat:enterprise_linux_server_tus:6.6:*:*:*:*:*:*:* |
| redhat | enterprise_linux_server_tus | 7.2 | - | - | cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:* |
| redhat | enterprise_linux_server_tus | 7.3 | - | - | cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:* |
| redhat | enterprise_linux_server_tus | 7.4 | - | - | cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:* |
| redhat | enterprise_linux_workstation | 7.0 | - | - | cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:* |
| linux | linux_kernel | * | - | - | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| linux | linux_kernel | 4.18 | - | - | cpe:2.3:o:linux:linux_kernel:4.18:rc1:*:*:*:*:*:* |
| canonical | ubuntu_linux | 12.04 | - | - | cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:* |
| canonical | ubuntu_linux | 14.04 | - | - | cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:* |
| canonical | ubuntu_linux | 16.04 | - | - | cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:* |
| canonical | ubuntu_linux | 18.04 | - | - | cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:* |
| debian | debian_linux | 8.0 | - | - | cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:* |
| debian | debian_linux | 9.0 | - | - | cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:* |
| hp | aruba_airwave_amp | * | - | - | cpe:2.3:a:hp:aruba_airwave_amp:*:*:*:*:*:*:*:* |
| hp | aruba_clearpass_policy_manager | * | - | - | cpe:2.3:a:hp:aruba_clearpass_policy_manager:*:*:*:*:*:*:*:* |
| f5 | big-ip_access_policy_manager | * | - | - | cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:* |
| f5 | big-ip_access_policy_manager | 14.0.0 | - | - | cpe:2.3:a:f5:big-ip_access_policy_manager:14.0.0:*:*:*:*:*:*:* |
| f5 | big-ip_advanced_firewall_manager | * | - | - | cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:* |
| f5 | big-ip_advanced_firewall_manager | 14.0.0 | - | - | cpe:2.3:a:f5:big-ip_advanced_firewall_manager:14.0.0:*:*:*:*:*:*:* |
| f5 | big-ip_analytics | * | - | - | cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:* |
| f5 | big-ip_analytics | 14.0.0 | - | - | cpe:2.3:a:f5:big-ip_analytics:14.0.0:*:*:*:*:*:*:* |
| f5 | big-ip_application_acceleration_manager | * | - | - | cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:* |
| f5 | big-ip_application_acceleration_manager | 14.0.0 | - | - | cpe:2.3:a:f5:big-ip_application_acceleration_manager:14.0.0:*:*:*:*:*:*:* |
| f5 | big-ip_application_security_manager | * | - | - | cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:* |
| f5 | big-ip_application_security_manager | 14.0.0 | - | - | cpe:2.3:a:f5:big-ip_application_security_manager:14.0.0:*:*:*:*:*:*:* |
| f5 | big-ip_domain_name_system | * | - | - | cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:* |
| f5 | big-ip_domain_name_system | 14.0.0 | - | - | cpe:2.3:a:f5:big-ip_domain_name_system:14.0.0:*:*:*:*:*:*:* |
| f5 | big-ip_edge_gateway | * | - | - | cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:* |
| f5 | big-ip_edge_gateway | 14.0.0 | - | - | cpe:2.3:a:f5:big-ip_edge_gateway:14.0.0:*:*:*:*:*:*:* |
| f5 | big-ip_fraud_protection_service | * | - | - | cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:* |
| f5 | big-ip_fraud_protection_service | 14.0.0 | - | - | cpe:2.3:a:f5:big-ip_fraud_protection_service:14.0.0:*:*:*:*:*:*:* |
| f5 | big-ip_global_traffic_manager | * | - | - | cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:* |
| f5 | big-ip_global_traffic_manager | 14.0.0 | - | - | cpe:2.3:a:f5:big-ip_global_traffic_manager:14.0.0:*:*:*:*:*:*:* |
| f5 | big-ip_link_controller | * | - | - | cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:* |
| f5 | big-ip_link_controller | 14.0.0 | - | - | cpe:2.3:a:f5:big-ip_link_controller:14.0.0:*:*:*:*:*:*:* |
| f5 | big-ip_local_traffic_manager | * | - | - | cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:* |
| f5 | big-ip_local_traffic_manager | 14.0.0 | - | - | cpe:2.3:a:f5:big-ip_local_traffic_manager:14.0.0:*:*:*:*:*:*:* |
| f5 | big-ip_policy_enforcement_manager | * | - | - | cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:* |
| f5 | big-ip_policy_enforcement_manager | 14.0.0 | - | - | cpe:2.3:a:f5:big-ip_policy_enforcement_manager:14.0.0:*:*:*:*:*:*:* |
| f5 | big-ip_webaccelerator | * | - | - | cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:* |
| f5 | big-ip_webaccelerator | 14.0.0 | - | - | cpe:2.3:a:f5:big-ip_webaccelerator:14.0.0:*:*:*:*:*:*:* |
| f5 | traffix_systems_signaling_delivery_controller | * | - | - | cpe:2.3:a:f5:traffix_systems_signaling_delivery_controller:*:*:*:*:*:*:*:* |
| f5 | traffix_systems_signaling_delivery_controller | 4.4.0 | - | - | cpe:2.3:a:f5:traffix_systems_signaling_delivery_controller:4.4.0:*:*:*:*:*:*:* |
| a10networks | advanced_core_operating_system | 3.2.2 | - | - | cpe:2.3:o:a10networks:advanced_core_operating_system:3.2.2:*:*:*:*:*:*:* |
| a10networks | advanced_core_operating_system | 4.1.0 | - | - | cpe:2.3:o:a10networks:advanced_core_operating_system:4.1.0:*:*:*:*:*:*:* |
| a10networks | advanced_core_operating_system | 4.1.1 | - | - | cpe:2.3:o:a10networks:advanced_core_operating_system:4.1.1:p8:*:*:*:*:*:* |
| a10networks | advanced_core_operating_system | 4.1.2 | - | - | cpe:2.3:o:a10networks:advanced_core_operating_system:4.1.2:*:*:*:*:*:*:* |
| a10networks | advanced_core_operating_system | 4.1.4 | - | - | cpe:2.3:o:a10networks:advanced_core_operating_system:4.1.4:*:*:*:*:*:*:* |
| cisco | collaboration_meeting_rooms | 1.0 | - | - | cpe:2.3:a:cisco:collaboration_meeting_rooms:1.0:*:*:*:*:*:*:* |
| cisco | digital_network_architecture_center | 1.2 | - | - | cpe:2.3:a:cisco:digital_network_architecture_center:1.2:*:*:*:*:*:*:* |
| cisco | expressway | x8.10 | - | - | cpe:2.3:a:cisco:expressway:x8.10:*:*:*:*:*:*:* |
| cisco | expressway | x8.10.1 | - | - | cpe:2.3:a:cisco:expressway:x8.10.1:*:*:*:*:*:*:* |
| cisco | expressway | x8.10.2 | - | - | cpe:2.3:a:cisco:expressway:x8.10.2:*:*:*:*:*:*:* |
| cisco | expressway | x8.10.3 | - | - | cpe:2.3:a:cisco:expressway:x8.10.3:*:*:*:*:*:*:* |
| cisco | expressway | x8.10.4 | - | - | cpe:2.3:a:cisco:expressway:x8.10.4:*:*:*:*:*:*:* |
| cisco | expressway | x8.11 | - | - | cpe:2.3:a:cisco:expressway:x8.11:*:*:*:*:*:*:* |
| cisco | expressway_series | - | - | - | cpe:2.3:a:cisco:expressway_series:-:*:*:*:*:*:*:* |
| cisco | meeting_management | 1.0 | - | - | cpe:2.3:a:cisco:meeting_management:1.0:*:*:*:*:*:*:* |
| cisco | meeting_management | 1.0.1 | - | - | cpe:2.3:a:cisco:meeting_management:1.0.1:*:*:*:*:*:*:* |
| cisco | network_assurance_engine | 2.1\(1a\) | - | - | cpe:2.3:a:cisco:network_assurance_engine:2.1\(1a\):*:*:*:*:*:*:* |
| cisco | threat_grid-cloud | - | - | - | cpe:2.3:a:cisco:threat_grid-cloud:-:*:*:*:*:*:*:* |
| cisco | webex_hybrid_data_security | - | - | - | cpe:2.3:a:cisco:webex_hybrid_data_security:-:*:*:*:*:*:*:* |
| cisco | webex_video_mesh | - | - | - | cpe:2.3:a:cisco:webex_video_mesh:-:*:*:*:*:*:*:* |
| cisco | telepresence_video_communication_server_firmware | x8.10 | - | - | cpe:2.3:o:cisco:telepresence_video_communication_server_firmware:x8.10:*:*:*:*:*:*:* |
| cisco | telepresence_video_communication_server_firmware | x8.10.1 | - | - | cpe:2.3:o:cisco:telepresence_video_communication_server_firmware:x8.10.1:*:*:*:*:*:*:* |
| cisco | telepresence_video_communication_server_firmware | x8.10.2 | - | - | cpe:2.3:o:cisco:telepresence_video_communication_server_firmware:x8.10.2:*:*:*:*:*:*:* |
| cisco | telepresence_video_communication_server_firmware | x8.10.3 | - | - | cpe:2.3:o:cisco:telepresence_video_communication_server_firmware:x8.10.3:*:*:*:*:*:*:* |
| cisco | telepresence_video_communication_server_firmware | x8.10.4 | - | - | cpe:2.3:o:cisco:telepresence_video_communication_server_firmware:x8.10.4:*:*:*:*:*:*:* |
| cisco | telepresence_video_communication_server_firmware | x8.11 | - | - | cpe:2.3:o:cisco:telepresence_video_communication_server_firmware:x8.11:*:*:*:*:*:*:* |
| cisco | telepresence_conductor_firmware | xc4.3 | - | - | cpe:2.3:o:cisco:telepresence_conductor_firmware:xc4.3:*:*:*:*:*:*:* |
| cisco | telepresence_conductor_firmware | xc4.3.1 | - | - | cpe:2.3:o:cisco:telepresence_conductor_firmware:xc4.3.1:*:*:*:*:*:*:* |
| cisco | telepresence_conductor_firmware | xc4.3.2 | - | - | cpe:2.3:o:cisco:telepresence_conductor_firmware:xc4.3.2:*:*:*:*:*:*:* |
| cisco | telepresence_conductor_firmware | xc4.3.3 | - | - | cpe:2.3:o:cisco:telepresence_conductor_firmware:xc4.3.3:*:*:*:*:*:*:* |
| cisco | telepresence_conductor_firmware | xc4.3.4 | - | - | cpe:2.3:o:cisco:telepresence_conductor_firmware:xc4.3.4:*:*:*:*:*:*:* |
Solution
Chinese solution:
(No data)
English solution:
(No data)
Workaround:
(No data)
References
| Reference | Type | Source |
|---|---|---|
| RHSA-2018:2785 | vendor-advisory | cve.org |
| VU#962459 | third-party-advisory | cve.org |
| USN-3741-2 | vendor-advisory | cve.org |
| RHSA-2018:2776 | vendor-advisory | cve.org |
| RHSA-2018:2933 | vendor-advisory | cve.org |
| RHSA-2018:2403 | vendor-advisory | cve.org |
| RHSA-2018:2395 | vendor-advisory | cve.org |
| USN-3763-1 | vendor-advisory | cve.org |
| RHSA-2018:2384 | vendor-advisory | cve.org |
| USN-3741-1 | vendor-advisory | cve.org |
| RHSA-2018:2402 | vendor-advisory | cve.org |
| RHSA-2018:2948 | vendor-advisory | cve.org |
| USN-3742-2 | vendor-advisory | cve.org |
| 1041434 | vdb-entry | cve.org |
| USN-3732-2 | vendor-advisory | cve.org |
| 104976 | vdb-entry | cve.org |
| [debian-lts-announce] 20180815 [SECURITY] [DLA 1466-1] linux-4.9 security update | mailing-list | cve.org |
| 1041424 | vdb-entry | cve.org |
| USN-3742-1 | vendor-advisory | cve.org |
| RHSA-2018:2924 | vendor-advisory | cve.org |
| 20180824 Linux and FreeBSD Kernels TCP Reassembly Denial of Service Vulnerabilities Affecting Cisco Products: August 2018 | vendor-advisory | cve.org |
| RHSA-2018:2789 | vendor-advisory | cve.org |
| DSA-4266 | vendor-advisory | cve.org |
| RHSA-2018:2645 | vendor-advisory | cve.org |
| USN-3732-1 | vendor-advisory | cve.org |
| RHSA-2018:2791 | vendor-advisory | cve.org |
| RHSA-2018:2790 | vendor-advisory | cve.org |
| [oss-security] 20190628 Re: linux-distros membership application - Microsoft | mailing-list | cve.org |
| [oss-security] 20190706 Re: linux-distros membership application - Microsoft | mailing-list | cve.org |
| [oss-security] 20190706 Re: linux-distros membership application - Microsoft | mailing-list | cve.org |
| Untitled | x_refsource_MISC | cve.org |
| Untitled | x_refsource_CONFIRM | cve.org |
| Untitled | x_refsource_CONFIRM | cve.org |
| Untitled | x_refsource_CONFIRM | cve.org |
| Untitled | x_refsource_CONFIRM | cve.org |
| Untitled | x_refsource_CONFIRM | cve.org |
| Untitled | x_refsource_CONFIRM | cve.org |
| Untitled | x_refsource_CONFIRM | cve.org |
| Untitled | x_refsource_CONFIRM | cve.org |
| Untitled | x_refsource_CONFIRM | cve.org |
| Untitled | x_refsource_CONFIRM | cve.org |
| Untitled | x_refsource_CONFIRM | cve.org |
CVSS score details
7.5
HIGH
CVSS vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVSS version:
3.1
Confidentiality
NONE
Integrity
NONE
Availability
HIGH
Timestamps
Published:
2018-08-06 20:00:00
Modified:
2024-08-05 05:33:44
Created:
2025-11-11 15:35:19
Updated:
2025-11-11 15:53:53
Exploit information
No exploit code information available
Data source details
| Data source | Record ID | Version | Extracted at |
|---|---|---|---|
| CVE | cve_CVE-2018-5390 | 2025-11-11 15:19:52 | 2025-11-11 07:35:19 |
| NVD | nvd_CVE-2018-5390 | 2025-11-11 14:55:57 | 2025-11-11 07:43:53 |
| CNNVD | cnnvd_CNNVD-201808-175 | 2025-11-11 15:10:04 | 2025-11-11 07:53:53 |
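Version and language
Current version:
v3
Primary language:
EN
Supported languages:
EN
ZH
Security advisories
No security advisory information available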
Change history
v3
CNNVD
2025-11-11 15:53:53
- vulnerability_type: not extracted -> Resource management error
- cnnvd_id: not extracted -> CNNVD-201808-175
- data_sources: ['cve', 'nvd'] -> ['cnnvd', 'cve', 'nvd']
v2
NVD
2025-11-11 15:43:53
- severity: SeverityLevel.MEDIUM -> SeverityLevel.HIGH
- cvss_score: not extracted -> 7.5
- cvss_vector: NOT_EXTRACTED -> CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- cvss_version: NOT_EXTRACTED -> 3.1
- affected_products_count: 1 -> 90
- data_sources: ['cve'] -> ['cve', 'nvd']