The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in IP fragmentation have been discovered and fixed over the years. The current vulnerability (CVE-2018-5391) became exploitable in the Linux kernel with the increase of the IP fragment reassembly queue size.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

Detections

Analytics

Siemens RUGGEDCOM, SCALANCE, SIMATIC, SINEMA Improper Input Validation (CVE-2018-5391)

high Tenable OT Security Plugin ID 500995

Version 1.5

Version 1.4

Version 1.3

Version 1.2

Version 1.2

Version 1.1

Version 1.0

Version 1.5 Sep 5, 2024, 5:04 AM Plugin metadata (Add CISA's ICSA Reference Information tag) Plugin Feed: 202409050504
Version 1.4 Sep 14, 2023, 4:20 PM Plugin metadata (detection updated) Plugin Feed: 202309141620
Version 1.3 Jul 24, 2023, 9:08 PM Plugin metadata Plugin Feed: 202307242108
Version 1.2 Jul 24, 2023, 7:10 PM Plugin metadata Plugin Feed: 202307241910
Version 1.2 Jul 10, 2023, 2:06 PM CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:U/RL:OF/RC:C". "CVSSv3 temporal vector" set to "CVSS:3.0/E:U/RL:O/RC:C") Exploit attributes ("Exploit available" set to "False") Plugin Feed: 202307101406
Version 1.1 Apr 27, 2023, 6:00 PM Plugin metadata (detection updated) Plugin Feed: 202304271800
Version 1.0 Apr 11, 2023, 10:03 AM New Plugin Feed: 202304111003