CVE-2018-5390 Linux kernel versions 4.9+ vulnerability

Welcome Guest.

You haven't logged in yet. If you don't have an account you can register now.

Forums › LAN (ethernet/Wifi/routers/Bluetooth) › CVE-2018-5390 Linux kernel versions 4.9+ vulnerability

freitasm

BDFL - Memuneh
80646 posts

Uber Geek
+1 received by user: 41030

Administrator

ID Verified

Trusted

Geekzone

Lifetime subscriber

#239837 7-Aug-2018 10:17

I wonder how CVE-2018-5390 Linux kernel versions 4.9+ vulnerability would affect Linux-based consumer-grade routers in the wild... Not sure how many (if any) models are running affected version - but if any then I would be afraid.

@michaelmurfy do you know?

Referral links: Quic Broadband (free setup code: R587125ERQ6VE) | Samsung | AliExpress | Wise | Sharesies

Support Geekzone by subscribing (browse ads-free), or making a one-off or recurring donation through PressPatron.

Aredwood

3885 posts

Uber Geek
+1 received by user: 1749

#2069183 7-Aug-2018 10:22

The above vulnerability is a denial of service. So it at least isn't something that could allow a worm to appear.

freitasm

BDFL - Memuneh
80646 posts

Uber Geek
+1 received by user: 41030

Administrator

ID Verified

Trusted

Geekzone

Lifetime subscriber

#2069201 7-Aug-2018 10:52

Correct, but would annoy a lot of people.

My current router is not affected as it is running kernel 3.4...

Referral links: Quic Broadband (free setup code: R587125ERQ6VE) | Samsung | AliExpress | Wise | Sharesies

Support Geekzone by subscribing (browse ads-free), or making a one-off or recurring donation through PressPatron.

michaelmurfy

meow
13579 posts

Uber Geek
+1 received by user: 10910

Moderator

ID Verified

Trusted

Lifetime subscriber

#2069234 7-Aug-2018 12:13

Very few routers (if any) will be using this and all routers planning to use this in the future will likely be using a patched version of the kernel. It is quite a new kernel.

My PC is running 4.9.0-7 and my Edgerouter is running 3.10.107-UBNT. The Alpha firmware I think does have 4.9 in testing but as this is an alpha it should be updated before the final build.

I don't think many others really run a later version of the Linux kernel - many appliances run FreeBSD / NetBSD or have older kernel versions.

Michael Murphy | https://murfy.nz
Referral Links: Quic Broadband (use R122101E7CV7Q for free setup)

Are you happy with what you get from Geekzone? Please consider supporting us by subscribing.
Opinions are my own and not the views of my employer.

qwerty123

147 posts

Master Geek
+1 received by user: 20

#2069472 7-Aug-2018 18:42

Attack surfuce is pretty small. Maintaining the denial of service condition requires continuous two-way TCP sessions to a reachable open port. How often a consumer-grade router has a service running on it and exposed to the Internet? Forwarded traffic won't cause DoS.

News and reviews »

New ECOVACS DEEBOT T80S OMNI Available Now
Posted 9-Apr-2026 11:11

Ring Brings 4K Video to Battery-Powered Doorbells
Posted 9-Apr-2026 11:01

Synology Announces a New Privacy-First Home Monitoring Experience for BeeStation Plus
Posted 9-Apr-2026 10:02

GIGABYTE X870E AERO X3D DARK WOOD Redefines the Motherboard
Posted 7-Apr-2026 14:06

Datacom Acquires Auckland Data Centre from T4
Posted 2-Apr-2026 09:43

Spark Launches Satellite Service with SMS and data options
Posted 2-Apr-2026 09:16

Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.

Updates »

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Support Geekzone »

You can support Geekzone with a one-off or recurring donation via PressPatron.

RSS feeds: Main feed; Forums feed

Site features: Geekzone BI dashboard; Geekzone Badges; Geekzone Status Page

Site Information: Subscribe to Geekzone; Privacy Statement; Forum Usage Guidelines (FUG); Advertising; Trademark and copyright