CVE-2018-6922

Summary

CVE	CVE-2018-6922
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2018-08-09 18:29:00 UTC
Updated	2019-10-09 23:42:00 UTC
Description	One of the data structures that holds TCP segments in all versions of FreeBSD prior to 11.2-RELEASE-p1, 11.1-RELEASE-p12, and 10.4-RELEASE-p10 uses an inefficient algorithm to reassemble the data. This causes the CPU time spent on segment processing to grow linearly with the number of segments in the reassembly queue. An attacker who has the ability to send TCP traffic to a victim system can degrade the victim system's network performance and/or consume excessive CPU by exploiting the inefficiency of TCP reassembly handling, with relatively small bandwidth cost.

Risk And Classification

Problem Types: CWE-400

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Operating System	Freebsd	Freebsd	10.4	-	All	All
Operating System	Freebsd	Freebsd	10.4	p1	All	All
Operating System	Freebsd	Freebsd	10.4	p3	All	All
Operating System	Freebsd	Freebsd	10.4	p4	All	All
Operating System	Freebsd	Freebsd	10.4	p5	All	All
Operating System	Freebsd	Freebsd	10.4	p6	All	All
Operating System	Freebsd	Freebsd	10.4	p7	All	All
Operating System	Freebsd	Freebsd	10.4	p8	All	All
Operating System	Freebsd	Freebsd	10.4	p9	All	All
Operating System	Freebsd	Freebsd	11.1	-	All	All
Operating System	Freebsd	Freebsd	11.1	p1	All	All
Operating System	Freebsd	Freebsd	11.1	p11	All	All
Operating System	Freebsd	Freebsd	11.1	p2	All	All
Operating System	Freebsd	Freebsd	11.1	p4	All	All
Operating System	Freebsd	Freebsd	11.1	p5	All	All
Operating System	Freebsd	Freebsd	11.1	p6	All	All
Operating System	Freebsd	Freebsd	11.1	p7	All	All
Operating System	Freebsd	Freebsd	11.1	p9	All	All
Operating System	Freebsd	Freebsd	11.2	-	All	All
Operating System	Freebsd	Freebsd	10.4	-	All	All
Operating System	Freebsd	Freebsd	10.4	p1	All	All
Operating System	Freebsd	Freebsd	10.4	p3	All	All
Operating System	Freebsd	Freebsd	10.4	p4	All	All
Operating System	Freebsd	Freebsd	10.4	p5	All	All
Operating System	Freebsd	Freebsd	10.4	p6	All	All
Operating System	Freebsd	Freebsd	10.4	p7	All	All
Operating System	Freebsd	Freebsd	10.4	p8	All	All
Operating System	Freebsd	Freebsd	10.4	p9	All	All
Operating System	Freebsd	Freebsd	11.1	-	All	All
Operating System	Freebsd	Freebsd	11.1	p1	All	All
Operating System	Freebsd	Freebsd	11.1	p11	All	All
Operating System	Freebsd	Freebsd	11.1	p2	All	All
Operating System	Freebsd	Freebsd	11.1	p4	All	All
Operating System	Freebsd	Freebsd	11.1	p5	All	All
Operating System	Freebsd	Freebsd	11.1	p6	All	All
Operating System	Freebsd	Freebsd	11.1	p7	All	All
Operating System	Freebsd	Freebsd	11.1	p9	All	All
Operating System	Freebsd	Freebsd	11.2	-	All	All

References

Reference	Source	Link	Tags
FreeBSD TCP Reassembly CVE-2018-6922 Denial Of Service Vulnerability	BID	www.securityfocus.com	Third Party Advisory, VDB Entry
FreeBSD Kernel TCP Reassembly Algorithm Lets Remote Users Consume Excessive CPU Resources on the Target System - SecurityTracker	SECTRACK	www.securitytracker.com	Third Party Advisory, VDB Entry
CVE-2018-6922 FreeBSD Denial of Service (DoS) Vulnerability in NetApp Products \| NetApp Product Security	CONFIRM	security.netapp.com	Third Party Advisory
Oracle Critical Patch Update - January 2019	CONFIRM	www.oracle.com	Patch
FreeBSD-SA-18:08	FREEBSD	www.freebsd.org	Patch, Vendor Advisory
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

There are currently no legacy QID mappings associated with this CVE.