F5 Networks BIG-IP : Linux kernel vulnerability (K95343321)
High Nessus Plugin ID 119669
SynopsisThe remote device is missing a vendor-supplied security patch.
DescriptionLinux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service. (CVE-2018-5390 also known as SegmentSmack)
For products with vulnerable versions, this vulnerability allows a remote attacker to disrupt service. This vulnerability affects only the BIG-IP management port.
For products with None in the Versions known to be vulnerable column, there is no impact.
SolutionUpgrade to one of the non-vulnerable versions listed in the F5 Solution K95343321.