SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Device (Router/Bridge/Hub)  >   Cisco Wireless LAN Controller Vendors:   Cisco
(Cisco Issues Advisory for Cisco Wireless LAN Controller) Linux Kernel IP Fragment Reassembly Algorithm Lets Remote Users Consume Excessive CPU Resources on the Target System
SecurityTracker Alert ID:  1041979
SecurityTracker URL:  http://securitytracker.com/id/1041979
CVE Reference:   CVE-2018-5391   (Links to External Site)
Date:  Oct 26 2018
Impact:   Denial of service via network
Vendor Confirmed:  Yes  

Description:   A vulnerability was reported in the Linux kernel. A remote user can consume excessive CPU resources on the target system. Cisco Wireless LAN Controller is affected.

The system uses an inefficient IP fragment reassembly algorithm. A remote user can send specially crafted fragmented data to consume excessive CPU resources on the target system.

Juha-Matti Tilli (Aalto University, Department of Communications and Networking / Nokia Bell Labs) reported this vulnerability.

Impact:   A remote user can consume excessive CPU resources on the target system.
Solution:   No solution was available at the time of this entry.

The Cisco advisory is available at:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180824-linux-ip-fragment

Vendor URL:  tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180824-linux-ip-fragment (Links to External Site)
Cause:   Resource error

Message History:   This archive entry is a follow-up to the message listed below.
Aug 15 2018 Linux Kernel IP Fragment Reassembly Algorithm Lets Remote Users Consume Excessive CPU Resources on the Target System



 Source Message Contents

Subject:  https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180824-linux-ip-fragment


Cisco Identity Services Engine (ISE) 	CSCvm15495 	

Cisco Secure Access Control System (ACS) 	CSCvm09119 	No fix expected - End of life

Cisco Meeting Server 	CSCvm15488 	2.5 (Dec-2018)

Cisco Prime Collaboration Assurance 	CSCvm15480 	11.6 es19 (Oct-2018)
12.1 sp2 (Oct-2018)
Cisco Prime Collaboration Deployment 	CSCvm15504 	
Cisco Prime Collaboration Provisioning 	CSCvm15479 	12.6 (Nov-2018)

Cisco IOS XE Software 	CSCvm09121 	16.10.1 (Oct-2018)
16.9.2 (Oct-2018)
16.6.5 (Dec-2018)
16.3.8 (Jan-2019)

Cisco Nexus 3000 Series Switches 	CSCvm09117 	9.2(2) (Nov-2018)
Cisco Nexus 7000 Series Switches 	CSCvm15461 	
Cisco Nexus 9000 Series Fabric Switches - ACI mode 	CSCvm15457 	14.0 (Oct-2018)
13.2.4 (Nov-2018)
Cisco Nexus 9000 Series Switches - Standalone, NX-OS mode 	CSCvm09117 	9.2(2) (Nov-2018)

Cisco UCS B-Series M5 Blade Servers - Integrated Management Controller 	CSCvm18261 	
Cisco UCS Standalone C-Series M5 Rack Server - Integrated Management Controller 	CSCvm15466 	4.0(2a) (Nov-2018)
3.1(3i) (Nov-2018)

Cisco IP Phone 7800 Series with Multiplatform Firmware 	CSCvm24442 	11.2.3 (Jan-2019)
Cisco IP Phone 7800 Series 	CSCvm15510 	12.5 (Nov-2018)
Cisco IP Phone 7832 with Multiplatform Firmware 	CSCvm24440 	11.2.3 (Jan-2019)
Cisco IP Phone 8800 Series with Multiplatform Firmware 	CSCvm24436 	11.2.3 (Jan-2019)
Cisco IP Phone 8800 Series 	CSCvm21280 	12.5 (Nov-2018)

Cisco MediaSense 	CSCvk78932 	

Cisco Unified Communications Domain Manager 	CSCvm15505 	

Cisco Unified Communications Manager IM & Presence Service (formerly CUPS) 	CSCvm15508 	12.5(1) (Nov-2018)

Cisco Unified Communications Manager Session Management Edition 	CSCvm15503 	
Cisco Unified Communications Manager 	CSCvm15503 	

Cisco Unified Contact Center Enterprise - Live Data server 	CSCvk78928 	
Cisco Unified Contact Center Express 	CSCvm15506 	

Cisco Unified Intelligence Center 	CSCvk78927 	

Cisco Unity Connection 	CSCvm15803 	

Cisco Webex Meetings Server 	CSCvm44844 	2.8 MR3 (Nov-2018)

Cisco TelePresence Conductor 	CSCvm15486 	
Cisco TelePresence Integrator C Series 	CSCvm15489 	TC7.3.15 (Sep-2018)
Cisco TelePresence MX Series 	CSCvm15489 	TC7.3.15 (Sep-2018)
CE9.5.0 (Sep-2018)
Cisco TelePresence Profile Series 	CSCvm15489 	TC7.3.15 (Sep-2018)
Cisco TelePresence SX80 Codec 	CSCvm15489 	TC7.3.15 (Sep-2018)
CE9.5.0 (Sep-2018)
Cisco TelePresence Server on Virtual Machine 	CSCvm15490 	
Cisco TelePresence System EX Series 	CSCvm15489 	TC7.3.15 (Sep-2018)
Cisco TelePresence Video Communication Server (VCS) 	CSCvm15491 	

Cisco Aironet 1560 Series Access Points 	CSCvm15469 	8.5 MR4 (Oct-2018)
8.8 MR1 (Oct-2018)
8.9 (Feb-2019)
Cisco Aironet 1815 Series Access Points 	CSCvm15469 	8.5 MR4 (Oct-2018)
8.8 MR1 (Oct-2018)
8.9 (Feb-2019)
Cisco Aironet 2800 Series Access Points 	CSCvm15469 	8.5 MR4 (Oct-2018)
8.8 MR1 (Oct-2018)
8.9 (Feb-2019)
Cisco Aironet 3800 Series Access Points 	CSCvm15469 	8.5 MR4 (Oct-2018)
8.8 MR1 (Oct-2018)
8.9 (Feb-2019)

Cisco Wireless LAN Controller 	CSCvm76255 	



 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC