Preface: Cisco provide status update on CVE-2018-5391 on 18th Feb 2019 , it is the follow up action for Linux kernel flaw announced August last year.
Synopsis: A decade ago, we said that the vulnerabilities of Microsoft windows will be jeopardize the IT world. Perhaps this statement not suitable today because Linux and open sources application encountered risks in frequent.
Vulnerability: From technical point of view, this flaw is easy exploit by attacker. They can send a packet trigger time and calculation expensive fragment reassembly algorithms overload the CPU power.
Don’t neglect this vulnerability:
Perhaps you say that your IPS can filter such malicious attack. The specify product has been patched. So your campus will be secure. But Linux base platform of machines are common today in your IT infrastructure. What if similar of attack is a insider threat. What’s the result?
Cisco official announcement – 18th Feb 2019 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180824-linux-ip-fragment