CVE-2018-5390 Linux kernel versions 4.9+ vulnerability

Welcome Guest.

You haven't logged in yet. If you don't have an account you can register now.

Forums › LAN (ethernet/Wifi/routers/Bluetooth) › CVE-2018-5390 Linux kernel versions 4.9+ vulnerability

freitasm

BDFL - Memuneh
79306 posts

Uber Geek

Administrator

ID Verified

Trusted

Geekzone

Lifetime subscriber

#239837 7-Aug-2018 10:17

I wonder how CVE-2018-5390 Linux kernel versions 4.9+ vulnerability would affect Linux-based consumer-grade routers in the wild... Not sure how many (if any) models are running affected version - but if any then I would be afraid.

@michaelmurfy do you know?

Aredwood

3885 posts

Uber Geek

#2069183 7-Aug-2018 10:22

The above vulnerability is a denial of service. So it at least isn't something that could allow a worm to appear.

freitasm

BDFL - Memuneh
79306 posts

Uber Geek

Administrator

ID Verified

Trusted

Geekzone

Lifetime subscriber

#2069201 7-Aug-2018 10:52

Correct, but would annoy a lot of people.

My current router is not affected as it is running kernel 3.4...

michaelmurfy

meow
13263 posts

Uber Geek

Moderator

ID Verified

Trusted

Lifetime subscriber

#2069234 7-Aug-2018 12:13

Very few routers (if any) will be using this and all routers planning to use this in the future will likely be using a patched version of the kernel. It is quite a new kernel.

My PC is running 4.9.0-7 and my Edgerouter is running 3.10.107-UBNT. The Alpha firmware I think does have 4.9 in testing but as this is an alpha it should be updated before the final build.

I don't think many others really run a later version of the Linux kernel - many appliances run FreeBSD / NetBSD or have older kernel versions.

Michael Murphy | https://murfy.nz
Referral Links: Quic Broadband (use R122101E7CV7Q for free setup)

Are you happy with what you get from Geekzone? Please consider supporting us by subscribing.
Opinions are my own and not the views of my employer.

qwerty123

147 posts

Master Geek

#2069472 7-Aug-2018 18:42

Attack surfuce is pretty small. Maintaining the denial of service condition requires continuous two-way TCP sessions to a reachable open port. How often a consumer-grade router has a service running on it and exposed to the Internet? Forwarded traffic won't cause DoS.

News and reviews »

Air New Zealand Starts AI adoption with OpenAI
Posted 24-Jul-2025 16:00

eero Pro 7 Review
Posted 23-Jul-2025 12:07

BeeStation Plus Review
Posted 21-Jul-2025 14:21

eero Unveils New Wi-Fi 7 Products in New Zealand
Posted 21-Jul-2025 00:01

WiZ Introduces HDMI Sync Box and other Light Devices
Posted 20-Jul-2025 17:32

RedShield Enhances DDoS and Bot Attack Protection
Posted 20-Jul-2025 17:26

Seagate Ships 30TB Drives
Posted 17-Jul-2025 11:24

Oclean AirPump A10 Water Flosser Review
Posted 13-Jul-2025 11:05

Samsung Galaxy Z Fold7: Raising the Bar for Smartphones
Posted 10-Jul-2025 02:01

Samsung Galaxy Z Flip7 Brings New Edge-To-Edge FlexWindow
Posted 10-Jul-2025 02:01

Epson Launches New AM-C550Z WorkForce Enterprise printer
Posted 9-Jul-2025 18:22

Samsung Releases Smart Monitor M9
Posted 9-Jul-2025 17:46

Nearly Half of Older Kiwis Still Write their Passwords on Paper
Posted 9-Jul-2025 08:42

D-Link 4G+ Cat6 Wi-Fi 6 DWR-933M Mobile Hotspot Review
Posted 1-Jul-2025 11:34

Oppo A5 Series Launches With New Levels of Durability
Posted 30-Jun-2025 10:15

Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.

Updates »

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

RSS feeds: Main feed; Forums feed

Site features: Geekzone BI dashboard; Geekzone Badges; Geekzone Status Page

Affiliate links: Samsung; AliExpress; Wise; Sharesies; GoodSync

Site Information: Subscribe to Geekzone; Privacy Statement; Forum Usage Guidelines (FUG); Advertising; Trademark and copyright