high
7.1
CWE
835
Advisory Published
Updated

CVE-2018-10938

First published: Mon Aug 27 2018(Updated: )

A flaw was found in the Linux kernel present since v4.0-rc1 and through v4.13-rc4. A crafted network packet sent remotely by an attacker may force the kernel to enter an infinite loop in the cipso_v4_optptr() function in net/ipv4/cipso_ipv4.c leading to a denial-of-service. A certain non-default configuration of LSM (Linux Security Module) and NetLabel should be set up on a system before an attacker could leverage this flaw.

Credit: secalert@redhat.com secalert@redhat.com

Affected SoftwareAffected VersionHow to fix
Linux Kernel=4.0
Linux Kernel=4.0-rc1
Linux Kernel=4.0-rc2
Linux Kernel=4.0-rc3
Linux Kernel=4.0-rc4
Linux Kernel=4.0-rc5
Linux Kernel=4.0-rc6
Linux Kernel=4.0-rc7
Linux Kernel=4.1
Linux Kernel=4.1-rc1
Linux Kernel=4.1-rc2
Linux Kernel=4.1-rc3
Linux Kernel=4.1-rc4
Linux Kernel=4.1-rc5
Linux Kernel=4.1-rc6
Linux Kernel=4.1-rc7
Linux Kernel=4.1-rc8
Linux Kernel=4.2
Linux Kernel=4.2-rc1
Linux Kernel=4.2-rc2
Linux Kernel=4.2-rc3
Linux Kernel=4.2-rc4
Linux Kernel=4.2-rc5
Linux Kernel=4.2-rc6
Linux Kernel=4.2-rc7
Linux Kernel=4.2-rc8
Linux Kernel=4.3
Linux Kernel=4.3-rc1
Linux Kernel=4.3-rc2
Linux Kernel=4.3-rc3
Linux Kernel=4.3-rc4
Linux Kernel=4.3-rc5
Linux Kernel=4.3-rc6
Linux Kernel=4.3-rc7
Linux Kernel=4.4
Linux Kernel=4.4-rc1
Linux Kernel=4.4-rc2
Linux Kernel=4.4-rc3
Linux Kernel=4.4-rc4
Linux Kernel=4.4-rc5
Linux Kernel=4.4-rc6
Linux Kernel=4.4-rc7
Linux Kernel=4.4-rc8
Linux Kernel=4.5
Linux Kernel=4.5-rc1
Linux Kernel=4.5-rc2
Linux Kernel=4.5-rc3
Linux Kernel=4.5-rc4
Linux Kernel=4.5-rc5
Linux Kernel=4.5-rc6
Linux Kernel=4.5-rc7
Linux Kernel=4.6
Linux Kernel=4.6-rc1
Linux Kernel=4.6-rc2
Linux Kernel=4.6-rc3
Linux Kernel=4.6-rc4
Linux Kernel=4.6-rc5
Linux Kernel=4.6-rc6
Linux Kernel=4.6-rc7
Linux Kernel=4.7
Linux Kernel=4.7-rc1
Linux Kernel=4.7-rc2
Linux Kernel=4.7-rc3
Linux Kernel=4.7-rc4
Linux Kernel=4.7-rc5
Linux Kernel=4.7-rc6
Linux Kernel=4.7-rc7
Linux Kernel=4.8
Linux Kernel=4.8-rc1
Linux Kernel=4.8-rc2
Linux Kernel=4.8-rc3
Linux Kernel=4.8-rc4
Linux Kernel=4.8-rc5
Linux Kernel=4.8-rc6
Linux Kernel=4.8-rc7
Linux Kernel=4.8-rc8
Linux Kernel=4.9
Linux Kernel=4.9-rc1
Linux Kernel=4.9-rc2
Linux Kernel=4.9-rc3
Linux Kernel=4.9-rc4
Linux Kernel=4.9-rc5
Linux Kernel=4.9-rc6
Linux Kernel=4.9-rc7
Linux Kernel=4.9-rc8
Linux Kernel=4.10
Linux Kernel=4.10-rc1
Linux Kernel=4.10-rc2
Linux Kernel=4.10-rc3
Linux Kernel=4.10-rc4
Linux Kernel=4.10-rc5
Linux Kernel=4.10-rc6
Linux Kernel=4.10-rc7
Linux Kernel=4.10-rc8
Linux Kernel=4.11
Linux Kernel=4.11-rc1
Linux Kernel=4.11-rc2
Linux Kernel=4.11-rc3
Linux Kernel=4.11-rc4
Linux Kernel=4.11-rc5
Linux Kernel=4.11-rc6
Linux Kernel=4.11-rc7
Linux Kernel=4.11-rc8
Linux Kernel=4.12
Linux Kernel=4.12-rc1
Linux Kernel=4.12-rc2
Linux Kernel=4.12-rc3
Linux Kernel=4.12-rc4
Linux Kernel=4.12-rc5
Linux Kernel=4.12-rc6
Linux Kernel=4.12-rc7
Linux Kernel=4.13-rc1
Linux Kernel=4.13-rc2
Linux Kernel=4.13-rc3
Linux Kernel=4.13-rc4
Ubuntu Linux=14.04
Ubuntu Linux=16.04
Debian Debian Linux=9.0
debian/linux
5.10.223-1
5.10.226-1
6.1.123-1
6.1.119-1
6.12.10-1
6.12.11-1

Remedy

https://git.kernel.org/linus/04f81f0154e4bf002be6f4d85668ce1257efa4d9

Remedy

https://git.kernel.org/linus/40413955ee265a5e42f710940ec78f5450d49149

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is CVE-2018-10938?

    CVE-2018-10938 is a vulnerability in the Linux kernel that allows a remote attacker to cause a denial-of-service by sending a crafted network packet.

  • Which versions of Linux are affected by CVE-2018-10938?

    Linux kernel versions from v4.0-rc1 to v4.13-rc4 are affected by CVE-2018-10938.

  • How can CVE-2018-10938 be exploited?

    CVE-2018-10938 can be exploited by sending a specially crafted network packet remotely.

  • What is the impact of CVE-2018-10938?

    The impact of CVE-2018-10938 is a denial-of-service, as the vulnerability can cause the kernel to enter an infinite loop.

  • Is there a fix available for CVE-2018-10938?

    Yes, a fix has been provided in Linux kernel version 4.13~ and later.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203