[resolved] Is the current kernel vulnerable to CVE-2018-5390?

schard · 2018-08-07 13:39:05

I just read about the current TCP DOS vulnerability in current Linux kernels.
Are the current Arch kernels linux and linux-lts affected by this?
The CVE is not listed here.

Found it: https://security.archlinux.org/AVG-747
Sorry for the noise.

Last edited by schard (2018-08-07 13:42:30)

WorMzy · 2018-08-07 13:43:07

It is [listed on the linked page], just under the AVG-747 identity. See also: https://security.archlinux.org/CVE-2018-5390

EDIT: clarification.

Last edited by WorMzy (2018-08-07 13:50:22)

Trilby · 2018-08-07 13:47:45

WorMzy wrote:

It is

It is? Doesn't the table in the page you linked to say it was fixed in 4.17.11-1? The current repo version is 4.17.12. So it should not be vulnerable.

WorMzy · 2018-08-07 13:49:26

Sorry, that was a bad choice of words/lack of context on my part; that was a response to "The CVE is not listed here.", but it looks like OP found it on their own.

Arch Linux

#1 2018-08-07 13:39:05

[resolved] Is the current kernel vulnerable to CVE-2018-5390?

#2 2018-08-07 13:43:07

Re: [resolved] Is the current kernel vulnerable to CVE-2018-5390?

#3 2018-08-07 13:47:45

Re: [resolved] Is the current kernel vulnerable to CVE-2018-5390?

#4 2018-08-07 13:49:26

Re: [resolved] Is the current kernel vulnerable to CVE-2018-5390?

Board footer