CVE-2018-14641

Summary

A security flaw was found in the ip_frag_reasm() function in net/ipv4/ip_fragment.c in the Linux kernel from 4.19-rc1 to 4.19-rc3 inclusive, which can cause a later system crash in ip_do_fragment(). With certain non-default, but non-rare, configuration of a victim host, an attacker can trigger this crash remotely, thus leading to a remote denial-of-service.

Affected Software

VendorProductVersion RangeStatus
The Linux Foundationkernelfrom 4.19-rc1 to 4.19-rc3 inclusiveaffected

Weaknesses

  • CWE-456: CWE-456

ADP Enrichment

CVE Program Container

Additional References

References