ID

VAR-201809-1153


CVE

CVE-2018-5391


TITLE

Linux kernel IP fragment re-assembly vulnerable to denial of service

Trust: 0.8

sources: CERT/CC: VU#641765

DESCRIPTION

The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in IP fragmentation have been discovered and fixed over the years. The current vulnerability (CVE-2018-5391) became exploitable in the Linux kernel with the increase of the IP fragment reassembly queue size. Service disruption as a result (DoS) There is a possibility of being attacked. (BZ#1632422) 4. Description: The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Bug Fix(es): These updated kernel packages include also numerous bug fixes. Space precludes documenting all of the bug fixes in this advisory. See the descriptions in the related Knowledge Article: https://access.redhat.com/articles/3635371 4. (BZ#1629634) 4. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Important: kernel security and bug fix update Advisory ID: RHSA-2018:3590-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2018:3590 Issue date: 2018-11-13 CVE Names: CVE-2017-18344 CVE-2018-5391 CVE-2018-10675 CVE-2018-14634 ===================================================================== 1. Summary: An update for kernel is now available for Red Hat Enterprise Linux 7.2 Advanced Update Support, Red Hat Enterprise Linux 7.2 Telco Extended Update Support, and Red Hat Enterprise Linux 7.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Server AUS (v. 7.2) - noarch, x86_64 Red Hat Enterprise Linux Server E4S (v. 7.2) - noarch, x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 7.2) - x86_64 Red Hat Enterprise Linux Server Optional E4S (v. 7.2) - x86_64 Red Hat Enterprise Linux Server Optional TUS (v. 7.2) - x86_64 Red Hat Enterprise Linux Server TUS (v. 7.2) - noarch, x86_64 3. Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * A flaw named FragmentSmack was found in the way the Linux kernel handled reassembly of fragmented IPv4 and IPv6 packets. (CVE-2018-5391) * kernel: out-of-bounds access in the show_timer function in kernel/time/posix-timers.c (CVE-2017-18344) * kernel: mm: use-after-free in do_get_mempolicy function allows local DoS or other unspecified impact (CVE-2018-10675) * kernel: Integer overflow in Linux's create_elf_tables function (CVE-2018-14634) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank Juha-Matti Tilli (Aalto University - Department of Communications and Networking and Nokia Bell Labs) for reporting CVE-2018-5391 and Qualys Research Labs for reporting CVE-2018-14634. Bug Fix(es): * Previously, a kernel panic occurred when the kernel tried to make an out of bound access to the array that describes the L1 Terminal Fault (L1TF) mitigation state on systems without Extended Page Tables (EPT) support. This update extends the array of mitigation states to cover all the states, which effectively prevents out of bound array access. Also, this update enables rejecting invalid, irrelevant values, that might be erroneously provided by the userspace. As a result, the kernel no longer panics in the described scenario. (BZ#1629565) * Previously, a packet was missing the User Datagram Protocol (UDP) payload checksum during a full checksum computation, if the hardware checksum was not applied. As a consequence, a packet with an incorrect checksum was dropped by a peer. With this update, the kernel includes the UDP payload checksum during the full checksum computation. As a result, the checksum is computed correctly and the packet can be received by the peer. (BZ#1635792) * Previously, a transform lookup through the xfrm framework could be performed on an already transformed destination cache entry (dst_entry). When using User Datagram Protocol (UDP) over IPv6 with a connected socket in conjunction with Internet Protocol Security (IPsec) in Encapsulating Security Payload (ESP) transport mode. As a consequence, invalid IPv6 fragments transmitted from the host or the kernel occasionally terminated unexpectedly due to a socket buffer (SKB) underrun. With this update, the xfrm lookup on an already transformed dst_entry is not possible. As a result, using UDP iperf utility over IPv6 ESP no longer causes invalid IPv6 fragment transmissions or a kernel panic. (BZ#1639586) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The system must be rebooted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1575065 - CVE-2018-10675 kernel: mm: use-after-free in do_get_mempolicy function allows local DoS or other unspecified impact 1609664 - CVE-2018-5391 kernel: IP fragments with random offsets allow a remote denial of service (FragmentSmack) 1610958 - CVE-2017-18344 kernel: out-of-bounds access in the show_timer function in kernel/time/posix-timers.c 1624498 - CVE-2018-14634 kernel: Integer overflow in Linux's create_elf_tables function 6. Package List: Red Hat Enterprise Linux Server AUS (v. 7.2): Source: kernel-3.10.0-327.76.1.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-327.76.1.el7.noarch.rpm kernel-doc-3.10.0-327.76.1.el7.noarch.rpm x86_64: kernel-3.10.0-327.76.1.el7.x86_64.rpm kernel-debug-3.10.0-327.76.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-327.76.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-327.76.1.el7.x86_64.rpm kernel-devel-3.10.0-327.76.1.el7.x86_64.rpm kernel-headers-3.10.0-327.76.1.el7.x86_64.rpm kernel-tools-3.10.0-327.76.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-327.76.1.el7.x86_64.rpm perf-3.10.0-327.76.1.el7.x86_64.rpm perf-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm python-perf-3.10.0-327.76.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm Red Hat Enterprise Linux Server E4S (v. 7.2): Source: kernel-3.10.0-327.76.1.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-327.76.1.el7.noarch.rpm kernel-doc-3.10.0-327.76.1.el7.noarch.rpm x86_64: kernel-3.10.0-327.76.1.el7.x86_64.rpm kernel-debug-3.10.0-327.76.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-327.76.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-327.76.1.el7.x86_64.rpm kernel-devel-3.10.0-327.76.1.el7.x86_64.rpm kernel-headers-3.10.0-327.76.1.el7.x86_64.rpm kernel-tools-3.10.0-327.76.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-327.76.1.el7.x86_64.rpm perf-3.10.0-327.76.1.el7.x86_64.rpm perf-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm python-perf-3.10.0-327.76.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm Red Hat Enterprise Linux Server TUS (v. 7.2): Source: kernel-3.10.0-327.76.1.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-327.76.1.el7.noarch.rpm kernel-doc-3.10.0-327.76.1.el7.noarch.rpm x86_64: kernel-3.10.0-327.76.1.el7.x86_64.rpm kernel-debug-3.10.0-327.76.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-327.76.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-327.76.1.el7.x86_64.rpm kernel-devel-3.10.0-327.76.1.el7.x86_64.rpm kernel-headers-3.10.0-327.76.1.el7.x86_64.rpm kernel-tools-3.10.0-327.76.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-327.76.1.el7.x86_64.rpm perf-3.10.0-327.76.1.el7.x86_64.rpm perf-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm python-perf-3.10.0-327.76.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm Red Hat Enterprise Linux Server Optional AUS (v. 7.2): x86_64: kernel-debug-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-327.76.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-327.76.1.el7.x86_64.rpm perf-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm Red Hat Enterprise Linux Server Optional E4S (v. 7.2): x86_64: kernel-debug-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-327.76.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-327.76.1.el7.x86_64.rpm perf-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm Red Hat Enterprise Linux Server Optional TUS (v. 7.2): x86_64: kernel-debug-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-327.76.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-327.76.1.el7.x86_64.rpm perf-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-327.76.1.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2017-18344 https://access.redhat.com/security/cve/CVE-2018-5391 https://access.redhat.com/security/cve/CVE-2018-10675 https://access.redhat.com/security/cve/CVE-2018-14634 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/articles/3553061 https://access.redhat.com/security/vulnerabilities/mutagen-astronomy 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2018 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBW+sPDtzjgjWX9erEAQhm3BAAhxwzb8zJTfl0zFY/r9KUzkAdLXY4w39X BgJrVPyl7f6krvQ17HE95Poqz/iUhMOZAweypQXHMRKkmfMTYiLHlKpdIusou2xy y1ZzB1uloI4j2zMdTDRP5yZz06r/NP5A05pLZDA02iR5b07ALLYb5hcL5oBnpQXp 9Xp31qb7TCP+jWtCO1Ot+9GJ3chMNvpYqH0OkGTpq/G7PxGrhIzB6v4p6N5OntD9 5CIebREaGBWn9ViWiUHcthgg+PN2iS2/5ST82g/Jss/WmVVZSiVbayob6/MNQPnb M29VHOmJ6pf5dERNpSqrJrBXeDYCMA6HHD+RT9SmiuQQ8gQ2Rzjy7K97Nn++6x7O nclOTmB7hQZtl0WhgC3xuwtslXGpe9jKSzql03ijTvJRQrczgVWiBS+tpfVAJprV ma2Kchf5ivctaXZ/R62JMyTvNf6HCVdvBNvSNET52ol3PkdpJK7V7mg+H64Mqdrl cBTUDBHHYYWMJted9pHWq7tPs0vy1h9aoFqNdlak5jwr169vldlZMRBbhtvz+OXj V/o+IClbY9UUfibaXDoX7qufeVikW1KQ4L+VhRj3RzXNsu2A8FUAcN7za5Qv5HIe LiC42C+pjvHqS/9gNpBakzKv6nPldWZIfPEuF4zewizBxlTXHPE1ln1hAWKjqVTs 6QJ1Zh7jeUY= =8JOQ -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . 6.5) - x86_64 3. Bug Fix(es): * Previously, invalid headers in the sk_buff struct led to an indefinite loop in the tcp_collapse() function. (BZ#1619630) * After updating the system to prevent the L1 Terminal Fault (L1TF) vulnerability, only one thread was detected on systems that offer processing of two threads on a single processor core. With this update, the "__max_smt_threads()" function has been fixed. (BZ#1629632) 4. ========================================================================= Ubuntu Security Notice USN-3741-2 August 14, 2018 linux-lts-xenial, linux-aws vulnerabilities ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 14.04 LTS Summary: Several security issues were fixed in the Linux kernel. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that memory present in the L1 data cache of an Intel CPU core may be exposed to a malicious process that is executing on the CPU core. This vulnerability is also known as L1 Terminal Fault (L1TF). A local attacker in a guest virtual machine could use this to expose sensitive information (memory from other guests or the host OS). (CVE-2018-3646) It was discovered that memory present in the L1 data cache of an Intel CPU core may be exposed to a malicious process that is executing on the CPU core. This vulnerability is also known as L1 Terminal Fault (L1TF). A local attacker could use this to expose sensitive information (memory from the kernel or other processes). (CVE-2018-5391) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 14.04 LTS: linux-image-4.4.0-1027-aws 4.4.0-1027.30 linux-image-4.4.0-133-generic 4.4.0-133.159~14.04.1 linux-image-4.4.0-133-generic-lpae 4.4.0-133.159~14.04.1 linux-image-4.4.0-133-lowlatency 4.4.0-133.159~14.04.1 linux-image-4.4.0-133-powerpc-e500mc 4.4.0-133.159~14.04.1 linux-image-4.4.0-133-powerpc-smp 4.4.0-133.159~14.04.1 linux-image-4.4.0-133-powerpc64-emb 4.4.0-133.159~14.04.1 linux-image-4.4.0-133-powerpc64-smp 4.4.0-133.159~14.04.1 linux-image-aws 4.4.0.1027.27 linux-image-generic-lpae-lts-xenial 4.4.0.133.113 linux-image-generic-lts-xenial 4.4.0.133.113 linux-image-lowlatency-lts-xenial 4.4.0.133.113 linux-image-powerpc-e500mc-lts-xenial 4.4.0.133.113 linux-image-powerpc-smp-lts-xenial 4.4.0.133.113 linux-image-powerpc64-emb-lts-xenial 4.4.0.133.113 linux-image-powerpc64-smp-lts-xenial 4.4.0.133.113 Please note that the recommended mitigation for CVE-2018-3646 involves updating processor microcode in addition to updating the kernel; however, the kernel includes a fallback for processors that have not received microcode updates. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. 7.3) - ppc64, ppc64le, x86_64 3. Maintaining the denial of service condition requires continuous two-way TCP sessions to a reachable open port, thus the attacks cannot be performed using spoofed IP addresses. Consequently, the node was not available. This update fixes an irq latency source in memory compaction. (BZ#1596281) * Previously, the kernel source code was missing support to report the Speculative Store Bypass Disable (SSBD) vulnerability status on IBM Power Systems and the little-endian variants of IBM Power Systems. As a consequence, the /sys/devices/system/cpu/vulnerabilities/spec_store_bypass file incorrectly reported "Not affected" on both CPU architectures. This fix updates the kernel source code to properly report the SSBD status either as "Vulnerable" or "Mitigation: Kernel entry/exit barrier (TYPE)" where TYPE is one of "eieio", "hwsync", "fallback", or "unknown". As a consequence, the VMs sometimes became unresponsive when booting. This update applies an upstream patch to avoid early microcode update when running under a hypervisor. (BZ#1618388) 4

Trust: 3.42

sources: NVD: CVE-2018-5391 // CERT/CC: VU#641765 // JVNDB: JVNDB-2018-006630 // VULHUB: VHN-135422 // VULMON: CVE-2018-5391 // PACKETSTORM: 150312 // PACKETSTORM: 150057 // PACKETSTORM: 149726 // PACKETSTORM: 149832 // PACKETSTORM: 150315 // PACKETSTORM: 149830 // PACKETSTORM: 150191 // PACKETSTORM: 148916 // PACKETSTORM: 148913 // PACKETSTORM: 149546

AFFECTED PRODUCTS

vendor:canonicalmodel:ubuntu linuxscope:eqversion:16.04

Trust: 1.6

vendor:canonicalmodel:ubuntu linuxscope:eqversion:14.04

Trust: 1.6

vendor:canonicalmodel:ubuntu linuxscope:eqversion:12.04

Trust: 1.6

vendor:canonicalmodel:ubuntu linuxscope:eqversion:18.04

Trust: 1.6

vendor:f5model:big-ip application acceleration managerscope:gteversion:11.5.1

Trust: 1.0

vendor:f5model:big-ip link controllerscope:ltversion:14.1.2.4

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:3.9

Trust: 1.0

vendor:f5model:big-ip domain name systemscope:gteversion:12.1.0

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:ltversion:11.6.5.1

Trust: 1.0

vendor:microsoftmodel:windows 10scope:eqversion: -

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:gteversion:14.1.0

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:ltversion:14.0.1.1

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:ltversion:12.1.5

Trust: 1.0

vendor:f5model:big-ip fraud protection servicescope:gteversion:12.1.0

Trust: 1.0

vendor:redhatmodel:enterprise linux server ausscope:eqversion:7.2

Trust: 1.0

vendor:f5model:big-ip domain name systemscope:ltversion:13.1.3

Trust: 1.0

vendor:redhatmodel:enterprise linux serverscope:eqversion:7.0

Trust: 1.0

vendor:f5model:big-ip link controllerscope:ltversion:14.0.1.1

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:ltversion:11.6.5.1

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:gteversion:14.1.0

Trust: 1.0

vendor:redhatmodel:enterprise linux workstationscope:eqversion:7.0

Trust: 1.0

vendor:redhatmodel:enterprise linux server tusscope:eqversion:7.2

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:ltversion:12.1.5

Trust: 1.0

vendor:f5model:big-ip fraud protection servicescope:ltversion:14.1.2.4

Trust: 1.0

vendor:microsoftmodel:windows server 2008scope:eqversion: -

Trust: 1.0

vendor:f5model:big-ip application security managerscope:ltversion:13.1.3

Trust: 1.0

vendor:f5model:big-ip analyticsscope:gteversion:13.0.0

Trust: 1.0

vendor:f5model:big-ip edge gatewayscope:gteversion:11.5.1

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:gteversion:14.0.0

Trust: 1.0

vendor:f5model:big-ip fraud protection servicescope:ltversion:14.0.1.1

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:ltversion:11.6.5.1

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:gteversion:12.1.0

Trust: 1.0

vendor:redhatmodel:enterprise linux server ausscope:eqversion:7.4

Trust: 1.0

vendor:f5model:big-ip link controllerscope:gteversion:14.0.0

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:ltversion:12.1.5

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:gteversion:14.1.0

Trust: 1.0

vendor:siemensmodel:scalance sc-600scope:ltversion:2.0

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:ltversion:13.1.3

Trust: 1.0

vendor:microsoftmodel:windows 10scope:eqversion:1803

Trust: 1.0

vendor:f5model:big-ip link controllerscope:gteversion:14.1.0

Trust: 1.0

vendor:f5model:big-ip webacceleratorscope:ltversion:13.1.3

Trust: 1.0

vendor:redhatmodel:enterprise linux server tusscope:eqversion:7.3

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:ltversion:14.1.2.4

Trust: 1.0

vendor:f5model:big-ip link controllerscope:ltversion:13.1.3

Trust: 1.0

vendor:microsoftmodel:windows server 2012scope:eqversion: -

Trust: 1.0

vendor:siemensmodel:simatic rf188scope:ltversion:1.3

Trust: 1.0

vendor:redhatmodel:enterprise linux server eusscope:eqversion:7.5

Trust: 1.0

vendor:redhatmodel:enterprise linux server ausscope:eqversion:6.6

Trust: 1.0

vendor:redhatmodel:enterprise linux server eusscope:eqversion:7.3

Trust: 1.0

vendor:f5model:big-ip domain name systemscope:gteversion:14.0.0

Trust: 1.0

vendor:debianmodel:linuxscope:eqversion:9.0

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:ltversion:11.6.5.1

Trust: 1.0

vendor:f5model:big-ip edge gatewayscope:gteversion:13.0.0

Trust: 1.0

vendor:f5model:big-ip fraud protection servicescope:gteversion:14.0.0

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:gteversion:11.5.1

Trust: 1.0

vendor:redhatmodel:enterprise linux workstationscope:eqversion:6.0

Trust: 1.0

vendor:debianmodel:linuxscope:eqversion:8.0

Trust: 1.0

vendor:microsoftmodel:windows 8.1scope:eqversion: -

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:ltversion:12.1.5

Trust: 1.0

vendor:f5model:big-ip webacceleratorscope:gteversion:13.0.0

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:ltversion:14.0.1.1

Trust: 1.0

vendor:redhatmodel:enterprise linux server tusscope:eqversion:6.6

Trust: 1.0

vendor:microsoftmodel:windows server 2016scope:eqversion:1709

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:ltversion:14.1.2.4

Trust: 1.0

vendor:f5model:big-ip application security managerscope:gteversion:11.5.1

Trust: 1.0

vendor:f5model:big-ip analyticsscope:ltversion:13.1.3

Trust: 1.0

vendor:f5model:big-ip domain name systemscope:gteversion:14.1.0

Trust: 1.0

vendor:siemensmodel:simatic rf186ciscope:ltversion:1.3

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:gteversion:13.0.0

Trust: 1.0

vendor:f5model:big-ip fraud protection servicescope:gteversion:14.1.0

Trust: 1.0

vendor:redhatmodel:enterprise linux desktopscope:eqversion:6.0

Trust: 1.0

vendor:microsoftmodel:windows rt 8.1scope:eqversion: -

Trust: 1.0

vendor:microsoftmodel:windows 10scope:eqversion:1703

Trust: 1.0

vendor:f5model:big-ip fraud protection servicescope:ltversion:13.1.3

Trust: 1.0

vendor:siemensmodel:simatic net cp 1243-7 lte usscope:ltversion:3.2

Trust: 1.0

vendor:f5model:big-ip edge gatewayscope:ltversion:11.6.5.1

Trust: 1.0

vendor:f5model:big-ip analyticsscope:gteversion:12.1.0

Trust: 1.0

vendor:f5model:big-ip edge gatewayscope:ltversion:12.1.5

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:ltversion:14.0.1.1

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:ltversion:14.1.2.4

Trust: 1.0

vendor:microsoftmodel:windows server 2012scope:eqversion:r2

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:ltversion:11.6.5.1

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:gteversion:14.0.0

Trust: 1.0

vendor:siemensmodel:scalance w1700 ieee 802.11acscope:ltversion:2.0

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:ltversion:12.1.5

Trust: 1.0

vendor:redhatmodel:enterprise linux desktopscope:eqversion:7.0

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:ltversion:14.0.1.1

Trust: 1.0

vendor:f5model:big-ip webacceleratorscope:gteversion:14.0.0

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:gteversion:13.0.0

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:gteversion:14.1.0

Trust: 1.0

vendor:siemensmodel:simatic net cp 1543-1scope:ltversion:2.2

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:gteversion:14.0.0

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:ltversion:14.1.2.4

Trust: 1.0

vendor:redhatmodel:enterprise linux server ausscope:eqversion:7.3

Trust: 1.0

vendor:f5model:big-ip edge gatewayscope:gteversion:12.1.0

Trust: 1.0

vendor:f5model:big-ip webacceleratorscope:gteversion:14.1.0

Trust: 1.0

vendor:f5model:big-ip domain name systemscope:gteversion:11.5.1

Trust: 1.0

vendor:f5model:big-ip webacceleratorscope:gteversion:12.1.0

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:gteversion:11.5.1

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:gteversion:14.1.0

Trust: 1.0

vendor:f5model:big-ip application security managerscope:ltversion:11.6.5.1

Trust: 1.0

vendor:siemensmodel:simatic net cp 1242-7scope:ltversion:3.2

Trust: 1.0

vendor:microsoftmodel:windows server 2016scope:eqversion: -

Trust: 1.0

vendor:f5model:big-ip application security managerscope:ltversion:12.1.5

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:gteversion:12.1.0

Trust: 1.0

vendor:redhatmodel:enterprise linux server ausscope:eqversion:6.4

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:ltversion:14.0.1.1

Trust: 1.0

vendor:f5model:big-ip edge gatewayscope:ltversion:14.1.2.4

Trust: 1.0

vendor:microsoftmodel:windows server 2008scope:eqversion:r2

Trust: 1.0

vendor:siemensmodel:simatic rf188ciscope:ltversion:1.3

Trust: 1.0

vendor:f5model:big-ip analyticsscope:gteversion:14.0.0

Trust: 1.0

vendor:siemensmodel:simatic net cp 1243-1scope:ltversion:3.2

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:ltversion:12.1.5

Trust: 1.0

vendor:f5model:big-ip edge gatewayscope:ltversion:14.0.1.1

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:ltversion:14.1.2.4

Trust: 1.0

vendor:siemensmodel:simatic rf186cscope:ltversion:1.3

Trust: 1.0

vendor:f5model:big-ip analyticsscope:gteversion:14.1.0

Trust: 1.0

vendor:f5model:big-ip webacceleratorscope:ltversion:11.6.5.1

Trust: 1.0

vendor:f5model:big-ip webacceleratorscope:ltversion:12.1.5

Trust: 1.0

vendor:f5model:big-ip link controllerscope:ltversion:12.1.5

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:gteversion:13.0.0

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:gteversion:12.1.0

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:gteversion:11.5.1

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:ltversion:14.0.1.1

Trust: 1.0

vendor:siemensmodel:sinema remote connect serverscope:ltversion:2.0.1

Trust: 1.0

vendor:siemensmodel:simatic net cp 1542sp-1 ircscope:ltversion:2.1

Trust: 1.0

vendor:microsoftmodel:windows server 2016scope:eqversion:1803

Trust: 1.0

vendor:siemensmodel:sinema remote connect serverscope:gteversion:1.1

Trust: 1.0

vendor:f5model:big-ip analyticsscope:ltversion:11.6.5.1

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:ltversion:13.1.3

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:gteversion:13.0.0

Trust: 1.0

vendor:f5model:big-ip analyticsscope:ltversion:12.1.5

Trust: 1.0

vendor:f5model:big-ip edge gatewayscope:gteversion:14.0.0

Trust: 1.0

vendor:f5model:big-ip link controllerscope:gteversion:11.5.1

Trust: 1.0

vendor:f5model:big-ip application security managerscope:ltversion:14.1.2.4

Trust: 1.0

vendor:siemensmodel:scalance m-800scope:ltversion:6.1

Trust: 1.0

vendor:f5model:big-ip application security managerscope:gteversion:13.0.0

Trust: 1.0

vendor:f5model:big-ip domain name systemscope:ltversion:11.6.5.1

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:ltversion:13.1.3

Trust: 1.0

vendor:f5model:big-ip edge gatewayscope:gteversion:14.1.0

Trust: 1.0

vendor:f5model:big-ip domain name systemscope:ltversion:12.1.5

Trust: 1.0

vendor:f5model:big-ip edge gatewayscope:ltversion:13.1.3

Trust: 1.0

vendor:siemensmodel:simatic net cp 1243-7 lte euscope:ltversion:3.2

Trust: 1.0

vendor:f5model:big-ip application security managerscope:ltversion:14.0.1.1

Trust: 1.0

vendor:siemensmodel:simatic rf185cscope:ltversion:1.3

Trust: 1.0

vendor:f5model:big-ip fraud protection servicescope:gteversion:11.5.1

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:gteversion:13.0.0

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:ltversion:13.1.3

Trust: 1.0

vendor:linuxmodel:kernelscope:lteversion:4.18

Trust: 1.0

vendor:f5model:big-ip webacceleratorscope:ltversion:14.1.2.4

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:ltversion:13.1.3

Trust: 1.0

vendor:siemensmodel:ruggedcom rm1224scope:ltversion:6.1

Trust: 1.0

vendor:f5model:big-ip link controllerscope:gteversion:13.0.0

Trust: 1.0

vendor:redhatmodel:enterprise linux server ausscope:eqversion:6.5

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:gteversion:14.0.0

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:gteversion:12.1.0

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:ltversion:11.6.5.1

Trust: 1.0

vendor:f5model:big-ip webacceleratorscope:ltversion:14.0.1.1

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:gteversion:14.0.0

Trust: 1.0

vendor:f5model:big-ip application security managerscope:gteversion:14.0.0

Trust: 1.0

vendor:siemensmodel:ruggedcom rox iiscope:ltversion:2.13.3

Trust: 1.0

vendor:siemensmodel:scalance s615scope:ltversion:6.1

Trust: 1.0

vendor:microsoftmodel:windows 10scope:eqversion:1607

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:ltversion:13.1.3

Trust: 1.0

vendor:f5model:big-ip analyticsscope:ltversion:14.1.2.4

Trust: 1.0

vendor:siemensmodel:simatic net cp 1243-8 ircscope:ltversion:3.2

Trust: 1.0

vendor:f5model:big-ip link controllerscope:ltversion:11.6.5.1

Trust: 1.0

vendor:f5model:big-ip advanced firewall managerscope:gteversion:12.1.0

Trust: 1.0

vendor:f5model:big-ip domain name systemscope:gteversion:13.0.0

Trust: 1.0

vendor:microsoftmodel:windows 10scope:eqversion:1709

Trust: 1.0

vendor:f5model:big-ip application acceleration managerscope:gteversion:14.1.0

Trust: 1.0

vendor:f5model:big-ip application security managerscope:gteversion:14.1.0

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:gteversion:11.5.1

Trust: 1.0

vendor:f5model:big-ip fraud protection servicescope:gteversion:13.0.0

Trust: 1.0

vendor:f5model:big-ip application security managerscope:gteversion:12.1.0

Trust: 1.0

vendor:microsoftmodel:windows 7scope:eqversion: -

Trust: 1.0

vendor:f5model:big-ip analyticsscope:ltversion:14.0.1.1

Trust: 1.0

vendor:f5model:big-ip domain name systemscope:ltversion:14.1.2.4

Trust: 1.0

vendor:f5model:big-ip webacceleratorscope:gteversion:11.5.1

Trust: 1.0

vendor:siemensmodel:scalance w700 ieee 802.11a\/b\/g\/nscope:ltversion:6.4

Trust: 1.0

vendor:f5model:big-ip access policy managerscope:gteversion:11.5.1

Trust: 1.0

vendor:f5model:big-ip fraud protection servicescope:ltversion:11.6.5.1

Trust: 1.0

vendor:siemensmodel:simatic net cp 1543sp-1scope:ltversion:2.1

Trust: 1.0

vendor:f5model:big-ip domain name systemscope:ltversion:14.0.1.1

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:gteversion:12.1.0

Trust: 1.0

vendor:f5model:big-ip fraud protection servicescope:ltversion:12.1.5

Trust: 1.0

vendor:redhatmodel:enterprise linux server tusscope:eqversion:7.4

Trust: 1.0

vendor:redhatmodel:enterprise linux server eusscope:eqversion:7.4

Trust: 1.0

vendor:f5model:big-ip link controllerscope:gteversion:12.1.0

Trust: 1.0

vendor:f5model:big-ip global traffic managerscope:gteversion:13.0.0

Trust: 1.0

vendor:redhatmodel:enterprise linux serverscope:eqversion:6.0

Trust: 1.0

vendor:redhatmodel:enterprise linux server eusscope:eqversion:6.7

Trust: 1.0

vendor:f5model:big-ip policy enforcement managerscope:ltversion:14.1.2.4

Trust: 1.0

vendor:siemensmodel:simatic net cp 1542sp-1scope:ltversion:2.1

Trust: 1.0

vendor:f5model:big-ip local traffic managerscope:gteversion:14.0.0

Trust: 1.0

vendor:f5model:big-ip analyticsscope:gteversion:11.5.1

Trust: 1.0

vendor:aristamodel: - scope: - version: -

Trust: 0.8

vendor:check pointmodel: - scope: - version: -

Trust: 0.8

vendor:debian gnu linuxmodel: - scope: - version: -

Trust: 0.8

vendor:microsoftmodel: - scope: - version: -

Trust: 0.8

vendor:red hatmodel: - scope: - version: -

Trust: 0.8

vendor:suse linuxmodel: - scope: - version: -

Trust: 0.8

vendor:ubuntumodel: - scope: - version: -

Trust: 0.8

vendor:linuxmodel:kernelscope: - version: -

Trust: 0.8

sources: CERT/CC: VU#641765 // JVNDB: JVNDB-2018-006630 // CNNVD: CNNVD-201808-570 // NVD: CVE-2018-5391

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-5391
value: HIGH

Trust: 1.0

NVD: CVE-2018-5391
value: HIGH

Trust: 0.8

JPCERT/CC: JVNDB-2018-006630
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201808-570
value: HIGH

Trust: 0.6

VULHUB: VHN-135422
value: HIGH

Trust: 0.1

VULMON: CVE-2018-5391
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2018-5391
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

NVD: CVE-2018-5391
severity: HIGH
baseScore: 7.8
vectorString: NONE
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

JPCERT/CC: JVNDB-2018-006630
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

VULHUB: VHN-135422
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-5391
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 1.0

JPCERT/CC: JVNDB-2018-006630
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CERT/CC: VU#641765 // VULHUB: VHN-135422 // VULMON: CVE-2018-5391 // JVNDB: JVNDB-2018-006630 // CNNVD: CNNVD-201808-570 // NVD: CVE-2018-5391

PROBLEMTYPE DATA

problemtype:CWE-400

Trust: 1.8

problemtype:CWE-20

Trust: 1.1

sources: VULHUB: VHN-135422 // JVNDB: JVNDB-2018-006630 // NVD: CVE-2018-5391

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201808-570

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-201808-570

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-006630

PATCH

title:株式会社インターネットイニシアティブからの情報url:https://jvn.jp/vu/JVNVU93630542/317632/index.html

Trust: 0.8

title:Linux kernel Security vulnerabilitiesurl:http://123.124.177.30/web/xxk/bdxqById.tag?id=84156

Trust: 0.6

title:Red Hat: Important: kernel security and bug fix updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20182846 - Security Advisory

Trust: 0.1

title:Red Hat: Important: kernel security, bug fix, and enhancement updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20183459 - Security Advisory

Trust: 0.1

title:Red Hat: Important: kernel security and bug fix updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20182785 - Security Advisory

Trust: 0.1

title:Red Hat: Important: kernel security and bug fix updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20182925 - Security Advisory

Trust: 0.1

title:Debian Security Advisories: DSA-4272-1 linux -- security updateurl:https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=c4fc75c3940ecd62e6e3d43c90c1ead1

Trust: 0.1

title:Red Hat: Important: kernel security and bug fix updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20182791 - Security Advisory

Trust: 0.1

title:Red Hat: Important: kernel security and bug fix updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20182924 - Security Advisory

Trust: 0.1

title:Red Hat: Important: kernel security and bug fix updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20183590 - Security Advisory

Trust: 0.1

title:Red Hat: Important: kernel security, bug fix, and enhancement updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20183540 - Security Advisory

Trust: 0.1

title:Red Hat: Important: kernel security and bug fix updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20182933 - Security Advisory

Trust: 0.1

title:Red Hat: Important: kernel-rt security and bug fix updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20183586 - Security Advisory

Trust: 0.1

title:Arch Linux Advisories: [ASA-201903-11] linux-hardened: denial of serviceurl:https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories&qid=ASA-201903-11

Trust: 0.1

title:Ubuntu Security Notice: linux-hwe, linux-azure, linux-gcp vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-3740-2

Trust: 0.1

title:IBM: IBM Security Bulletin: Vulnerability in the Linux kernel affects IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products (CVE-2018-5391)url:https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=0e5803196f7b186e3c0e200d43325ad6

Trust: 0.1

title:Red Hat: CVE-2018-5391url:https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database&qid=CVE-2018-5391

Trust: 0.1

title:Cisco: Linux Kernel IP Fragment Reassembly Denial of Service Vulnerability Affecting Cisco Products: August 2018url:https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-20180824-linux-ip-fragment

Trust: 0.1

title:Ubuntu Security Notice: linux, linux-aws, linux-azure, linux-gcp, linux-kvm, linux-oem, linux-raspi2 vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-3740-1

Trust: 0.1

title:Arch Linux Issues: url:https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues&qid=CVE-2018-5391

Trust: 0.1

title:Ubuntu Security Notice: linux regressionsurl:https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-3741-3

Trust: 0.1

title:Ubuntu Security Notice: linux-lts-xenial, linux-aws vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-3741-2

Trust: 0.1

title:IBM: IBM Security Bulletin: This Power System update is being released to address CVE-2018-5391url:https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=c5babfeb02fdf3e145c777d8eb6dfd0f

Trust: 0.1

title:Ubuntu Security Notice: linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-3741-1

Trust: 0.1

title:IBM: IBM Security Bulletin: IBM has announced a release for IBM Security Identity Governance and Intelligence in response to security vulnerability (CVE-2018-5391)url:https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=cb5671de27781f97454cf1b56d2087e0

Trust: 0.1

title:IBM: IBM Security Bulletin: IBM MQ Appliance is affected by a kernel vulnerability (CVE-2018-5391)url:https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=4b24750b4f4494d02c26c4b32a0e107a

Trust: 0.1

title:Ubuntu Security Notice: linux-lts-trusty regressionsurl:https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-3742-3

Trust: 0.1

title:Ubuntu Security Notice: linux-lts-trusty vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-3742-2

Trust: 0.1

title:Ubuntu Security Notice: linux vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-3742-1

Trust: 0.1

title:Siemens Security Advisories: Siemens Security Advisoryurl:https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=d3eead9065d15844d9f0f319ebc3ef51

Trust: 0.1

title:Amazon Linux AMI: ALAS-2018-1058url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2018-1058

Trust: 0.1

title:Amazon Linux 2: ALAS2-2018-1058url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2-2018-1058

Trust: 0.1

title:Palo Alto Networks Security Advisory: url:https://vulmon.com/vendoradvisory?qidtp=palo_alto_networks_security_advisory&qid=0944feb15e174ce784cc2c5c40d923ea

Trust: 0.1

title:Red Hat: Important: kernel-alt security, bug fix, and enhancement updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20182948 - Security Advisory

Trust: 0.1

title:Palo Alto Networks Security Advisory: CVE-2018-5391 Information about FragmentSmack findingsurl:https://vulmon.com/vendoradvisory?qidtp=palo_alto_networks_security_advisory&qid=3c616fb9e55ec6924cfd6ba2622c6c7e

Trust: 0.1

title:Red Hat: Important: kernel security, bug fix, and enhancement updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20183083 - Security Advisory

Trust: 0.1

title:Red Hat: Important: kernel-rt security, bug fix, and enhancement updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20183096 - Security Advisory

Trust: 0.1

title:Symantec Security Advisories: Linux Kernel Aug 2017 - Sep 2018 Vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories&qid=b3193a96468975c04eb9f136ca9abec4

Trust: 0.1

title:IBM: IBM Security Bulletin: IBM Security Guardium is affected by Red Hat kernel vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=75b9d198a73a91d81765c8b428423224

Trust: 0.1

title:Oracle Linux Bulletins: Oracle Linux Bulletin - July 2018url:https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins&qid=204a1aa9ebf7b5f47151e8b011269862

Trust: 0.1

title:Oracle VM Server for x86 Bulletins: Oracle VM Server for x86 Bulletin - July 2018url:https://vulmon.com/vendoradvisory?qidtp=oracle_vm_server_for_x86_bulletins&qid=05b5bbd6fb289370b459faf1f4e3919d

Trust: 0.1

title:Oracle Linux Bulletins: Oracle Linux Bulletin - October 2018url:https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins&qid=9cb9a8ed428c6faca615e91d2f1a216d

Trust: 0.1

title:IBM: IBM Security Bulletin: Multiple Security Vulnerabilities have been fixed in IBM Security Privileged Identity Manager Appliance.url:https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=f5bb2b180c7c77e5a02747a1f31830d9

Trust: 0.1

title:IBM: IBM Security Bulletin: IBM API Connect has addressed multiple vulnerabilities in Developer Portal’s dependencies – Cumulative list from June 28, 2018 to December 13, 2018url:https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=43da2cd72c1e378d8d94ecec029fcc61

Trust: 0.1

title:my_refurl:https://github.com/chetanshirke/my_ref

Trust: 0.1

title: - url:https://github.com/ozipoetra/natvps-dns

Trust: 0.1

title:cve_diff_checkerurl:https://github.com/lcatro/cve_diff_checker

Trust: 0.1

title:SamsungReleaseNotesurl:https://github.com/samreleasenotes/SamsungReleaseNotes

Trust: 0.1

title:BleepingComputerurl:https://www.bleepingcomputer.com/news/security/windows-systems-vulnerable-to-fragmentsmack-90s-like-dos-bug/

Trust: 0.1

title:BleepingComputerurl:https://www.bleepingcomputer.com/news/linux/two-ddos-friendly-bugs-fixed-in-linux-kernel/

Trust: 0.1

title:BleepingComputerurl:https://www.bleepingcomputer.com/news/security/over-80-cisco-products-affected-by-fragmentsmack-dos-bug/

Trust: 0.1

sources: VULMON: CVE-2018-5391 // JVNDB: JVNDB-2018-006630 // CNNVD: CNNVD-201808-570

EXTERNAL IDS

db:NVDid:CVE-2018-5391

Trust: 3.6

db:CERT/CCid:VU#641765

Trust: 3.4

db:OPENWALLid:OSS-SECURITY/2019/06/28/2

Trust: 1.8

db:OPENWALLid:OSS-SECURITY/2019/07/06/4

Trust: 1.8

db:OPENWALLid:OSS-SECURITY/2019/07/06/3

Trust: 1.8

db:SIEMENSid:SSA-377115

Trust: 1.8

db:SECTRACKid:1041476

Trust: 1.8

db:SECTRACKid:1041637

Trust: 1.8

db:BIDid:105108

Trust: 1.8

db:JVNid:JVNVU93630542

Trust: 0.8

db:JVNDBid:JVNDB-2018-006630

Trust: 0.8

db:CNNVDid:CNNVD-201808-570

Trust: 0.7

db:AUSCERTid:ESB-2019.0545

Trust: 0.6

db:AUSCERTid:ESB-2019.0623

Trust: 0.6

db:AUSCERTid:ESB-2019.0854

Trust: 0.6

db:AUSCERTid:ESB-2020.1315

Trust: 0.6

db:AUSCERTid:ESB-2019.0675

Trust: 0.6

db:ICS CERTid:ICSA-20-105-05

Trust: 0.6

db:PACKETSTORMid:148928

Trust: 0.1

db:VULHUBid:VHN-135422

Trust: 0.1

db:VULMONid:CVE-2018-5391

Trust: 0.1

db:PACKETSTORMid:150312

Trust: 0.1

db:PACKETSTORMid:150057

Trust: 0.1

db:PACKETSTORMid:149726

Trust: 0.1

db:PACKETSTORMid:149832

Trust: 0.1

db:PACKETSTORMid:150315

Trust: 0.1

db:PACKETSTORMid:149830

Trust: 0.1

db:PACKETSTORMid:150191

Trust: 0.1

db:PACKETSTORMid:148916

Trust: 0.1

db:PACKETSTORMid:148913

Trust: 0.1

db:PACKETSTORMid:149546

Trust: 0.1

sources: CERT/CC: VU#641765 // VULHUB: VHN-135422 // VULMON: CVE-2018-5391 // JVNDB: JVNDB-2018-006630 // PACKETSTORM: 150312 // PACKETSTORM: 150057 // PACKETSTORM: 149726 // PACKETSTORM: 149832 // PACKETSTORM: 150315 // PACKETSTORM: 149830 // PACKETSTORM: 150191 // PACKETSTORM: 148916 // PACKETSTORM: 148913 // PACKETSTORM: 149546 // CNNVD: CNNVD-201808-570 // NVD: CVE-2018-5391

REFERENCES

url:http://www.securityfocus.com/bid/105108

Trust: 3.0

url:https://www.kb.cert.org/vuls/id/641765

Trust: 2.7

url:https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html

Trust: 2.4

url:https://access.redhat.com/errata/rhsa-2018:2785

Trust: 1.9

url:https://access.redhat.com/errata/rhsa-2018:2846

Trust: 1.9

url:https://access.redhat.com/errata/rhsa-2018:2925

Trust: 1.9

url:https://access.redhat.com/errata/rhsa-2018:2933

Trust: 1.9

url:https://access.redhat.com/errata/rhsa-2018:3096

Trust: 1.9

url:https://access.redhat.com/errata/rhsa-2018:3459

Trust: 1.9

url:https://access.redhat.com/errata/rhsa-2018:3586

Trust: 1.9

url:https://access.redhat.com/errata/rhsa-2018:3590

Trust: 1.9

url:http://www.arubanetworks.com/assets/alert/aruba-psa-2018-004.txt

Trust: 1.8

url:http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-linux-en

Trust: 1.8

url:https://cert-portal.siemens.com/productcert/pdf/ssa-377115.pdf

Trust: 1.8

url:https://security.netapp.com/advisory/ntap-20181003-0002/

Trust: 1.8

url:https://www.debian.org/security/2018/dsa-4272

Trust: 1.8

url:https://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next.git/commit/?id=c30f1fc041b74ecdb072dd44f858750414b8b19f

Trust: 1.8

url:https://lists.debian.org/debian-lts-announce/2018/08/msg00014.html

Trust: 1.8

url:http://www.openwall.com/lists/oss-security/2019/06/28/2

Trust: 1.8

url:http://www.openwall.com/lists/oss-security/2019/07/06/3

Trust: 1.8

url:http://www.openwall.com/lists/oss-security/2019/07/06/4

Trust: 1.8

url:https://access.redhat.com/errata/rhsa-2018:2791

Trust: 1.8

url:https://access.redhat.com/errata/rhsa-2018:2924

Trust: 1.8

url:https://access.redhat.com/errata/rhsa-2018:2948

Trust: 1.8

url:https://access.redhat.com/errata/rhsa-2018:3083

Trust: 1.8

url:https://access.redhat.com/errata/rhsa-2018:3540

Trust: 1.8

url:http://www.securitytracker.com/id/1041476

Trust: 1.8

url:http://www.securitytracker.com/id/1041637

Trust: 1.8

url:https://usn.ubuntu.com/3740-1/

Trust: 1.8

url:https://usn.ubuntu.com/3740-2/

Trust: 1.8

url:https://usn.ubuntu.com/3741-1/

Trust: 1.8

url:https://usn.ubuntu.com/3741-2/

Trust: 1.8

url:https://usn.ubuntu.com/3742-1/

Trust: 1.8

url:https://usn.ubuntu.com/3742-2/

Trust: 1.8

url:https://nvd.nist.gov/vuln/detail/cve-2018-5391

Trust: 1.8

url:https://support.f5.com/csp/article/k74374841?utm_source=f5support&amp%3butm_medium=rss

Trust: 1.1

url:about vulnerability notes

Trust: 0.8

url:contact us about this vulnerability

Trust: 0.8

url:provide a vendor statement

Trust: 0.8

url:https://www.arista.com/en/support/advisories-notices/security-advisories/5782-security-advisory-37

Trust: 0.8

url:https://supportcenter.checkpoint.com/supportcenter/portal?eventsubmit_dogoviewsolutiondetails=&solutionid=sk134253

Trust: 0.8

url:https://security-tracker.debian.org/tracker/cve-2018-5391

Trust: 0.8

url:https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/adv180022

Trust: 0.8

url:https://access.redhat.com/articles/3553061https://bugzilla.redhat.com/show_bug.cgi?id=cve-2018-5391

Trust: 0.8

url:https://www.suse.com/security/cve/cve-2018-5391

Trust: 0.8

url:https://people.canonical.com/

Trust: 0.8

url:https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2018-690

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-5391

Trust: 0.8

url:https://jvn.jp/vu/jvnvu93630542/

Trust: 0.8

url:https://www.redhat.com/mailman/listinfo/rhsa-announce

Trust: 0.8

url:https://access.redhat.com/security/cve/cve-2018-5391

Trust: 0.8

url:https://bugzilla.redhat.com/):

Trust: 0.8

url:https://access.redhat.com/security/team/key/

Trust: 0.8

url:https://access.redhat.com/articles/11258

Trust: 0.8

url:https://access.redhat.com/security/team/contact/

Trust: 0.8

url:https://access.redhat.com/security/updates/classification/#important

Trust: 0.8

url:https://access.redhat.com/articles/3553061

Trust: 0.6

url:https://support.f5.com/csp/article/k74374841?utm_source=f5support&utm_medium=rss

Trust: 0.6

url:https://www.suse.com/support/update/announcement/2019/suse-su-20190541-1.html

Trust: 0.6

url:https://security.business.xerox.com/wp-content/uploads/2019/11/cert_security_mini_bulletin_xrx19ak_for_altalinkb80xx-c80xx.pdf

Trust: 0.6

url:http://www.ibm.com/support/docview.wss

Trust: 0.6

url:http://www.ibm.com/support/docview.wss?uid=ibm10872368

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.1315/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/75930

Trust: 0.6

url:https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20190123-01-linux-cn

Trust: 0.6

url:https://www.auscert.org.au/bulletins/76246

Trust: 0.6

url:http://www.ibm.com/support/docview.wss?uid=ibm10792535

Trust: 0.6

url:https://www.auscert.org.au/bulletins/76474

Trust: 0.6

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180824-linux-ip-fragment

Trust: 0.6

url:https://us-cert.cisa.gov/ics/advisories/icsa-20-105-05

Trust: 0.6

url:https://www.auscert.org.au/bulletins/77246

Trust: 0.6

url:https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200115-01-linux-cn

Trust: 0.6

url:https://www.us-cert.gov/ics/advisories/icsa-20-105-05

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2018-14634

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2018-10675

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2018-14634

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2018-10675

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2017-18344

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2017-18344

Trust: 0.4

url:https://access.redhat.com/security/vulnerabilities/mutagen-astronomy

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2018-5390

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2018-5390

Trust: 0.2

url:https://wiki.ubuntu.com/securityteam/knowledgebase/l1tf

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2018-3620

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2018-3646

Trust: 0.2

url:https://support.f5.com/csp/article/k74374841?utm_source=f5support&amp;amp;utm_medium=rss

Trust: 0.1

url:https://cwe.mitre.org/data/definitions/20.html

Trust: 0.1

url:https://github.com/chetanshirke/my_ref

Trust: 0.1

url:https://tools.cisco.com/security/center/viewalert.x?alertid=58766

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-13405

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-7740

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-5803

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2017-18232

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-5344

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-1094

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2017-18208

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-10940

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2017-17805

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-10881

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-1092

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-1120

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-13405

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2017-18232

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-1000026

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-7757

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-1094

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-10940

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2017-0861

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-1118

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-1130

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2017-10661

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2017-17805

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-10879

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-10902

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2015-8830

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-10883

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-7740

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-5848

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-10322

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2016-4913

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-10883

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-1118

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-5803

Trust: 0.1

url:https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.6_release_notes/index.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-10878

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-10879

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-10902

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-1000026

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2017-0861

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-8781

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-8830

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-10322

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-10881

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-1092

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-5848

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-4913

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2017-18208

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-1130

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2017-10661

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-1120

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-10878

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-5344

Trust: 0.1

url:https://access.redhat.com/articles/3635371

Trust: 0.1

url:https://access.redhat.com/articles/3674801

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-aws/4.4.0-1027.30

Trust: 0.1

url:https://usn.ubuntu.com/usn/usn-3741-1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-lts-xenial/4.4.0-133.159~14.04.1

Trust: 0.1

url:https://usn.ubuntu.com/usn/usn-3741-2

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-gcp/4.15.0-1017.18~16.04.1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-hwe/4.15.0-32.35~16.04.1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-azure/4.15.0-1021.21~16.04.1

Trust: 0.1

url:https://usn.ubuntu.com/usn/usn-3740-2

Trust: 0.1

url:https://usn.ubuntu.com/usn/usn-3740-1

Trust: 0.1

sources: CERT/CC: VU#641765 // VULHUB: VHN-135422 // VULMON: CVE-2018-5391 // JVNDB: JVNDB-2018-006630 // PACKETSTORM: 150312 // PACKETSTORM: 150057 // PACKETSTORM: 149726 // PACKETSTORM: 149832 // PACKETSTORM: 150315 // PACKETSTORM: 149830 // PACKETSTORM: 150191 // PACKETSTORM: 148916 // PACKETSTORM: 148913 // PACKETSTORM: 149546 // CNNVD: CNNVD-201808-570 // NVD: CVE-2018-5391

CREDITS

Red Hat

Trust: 0.8

sources: PACKETSTORM: 150312 // PACKETSTORM: 150057 // PACKETSTORM: 149726 // PACKETSTORM: 149832 // PACKETSTORM: 150315 // PACKETSTORM: 149830 // PACKETSTORM: 150191 // PACKETSTORM: 149546

SOURCES

db:CERT/CCid:VU#641765
db:VULHUBid:VHN-135422
db:VULMONid:CVE-2018-5391
db:JVNDBid:JVNDB-2018-006630
db:PACKETSTORMid:150312
db:PACKETSTORMid:150057
db:PACKETSTORMid:149726
db:PACKETSTORMid:149832
db:PACKETSTORMid:150315
db:PACKETSTORMid:149830
db:PACKETSTORMid:150191
db:PACKETSTORMid:148916
db:PACKETSTORMid:148913
db:PACKETSTORMid:149546
db:CNNVDid:CNNVD-201808-570
db:NVDid:CVE-2018-5391

LAST UPDATE DATE

2024-11-07T21:48:37.830000+00:00


SOURCES UPDATE DATE

db:CERT/CCid:VU#641765date:2018-10-12T00:00:00
db:VULHUBid:VHN-135422date:2022-12-28T00:00:00
db:VULMONid:CVE-2018-5391date:2023-11-07T00:00:00
db:JVNDBid:JVNDB-2018-006630date:2019-07-26T00:00:00
db:CNNVDid:CNNVD-201808-570date:2022-12-29T00:00:00
db:NVDid:CVE-2018-5391date:2023-11-07T02:58:42.587

SOURCES RELEASE DATE

db:CERT/CCid:VU#641765date:2018-08-14T00:00:00
db:VULHUBid:VHN-135422date:2018-09-06T00:00:00
db:VULMONid:CVE-2018-5391date:2018-09-06T00:00:00
db:JVNDBid:JVNDB-2018-006630date:2018-08-28T00:00:00
db:PACKETSTORMid:150312date:2018-11-13T18:04:13
db:PACKETSTORMid:150057date:2018-10-31T01:00:50
db:PACKETSTORMid:149726date:2018-10-09T17:02:09
db:PACKETSTORMid:149832date:2018-10-17T15:42:22
db:PACKETSTORMid:150315date:2018-11-14T01:33:23
db:PACKETSTORMid:149830date:2018-10-17T15:42:07
db:PACKETSTORMid:150191date:2018-11-06T21:04:13
db:PACKETSTORMid:148916date:2018-08-15T04:42:57
db:PACKETSTORMid:148913date:2018-08-15T04:42:40
db:PACKETSTORMid:149546date:2018-09-25T23:02:55
db:CNNVDid:CNNVD-201808-570date:2018-08-20T00:00:00
db:NVDid:CVE-2018-5391date:2018-09-06T21:29:00.363