Synology-SA-18:44 Linux kernel

Publish Time: 2018-08-15 13:17:16 UTC+8

Last Updated: 2019-12-17 17:21:58 UTC+8

Severity
Important
Status
Resolved

Abstract

CVE-2018-5391, a.k.a. FragmentSmack attack, allows remote attackers to conduct denial-of-service attacks via a susceptible version of Synology Diskstation Manager (DSM), SkyNAS or VS960HD.

SRM 1.1 is not affected as CVE-2018-5391 only affects Linux kernel 3.9 or above.

Affected Products

Product Severity Fixed Release Availability
DSM 6.2 Important Upgrade to 6.2.1-23824-1 or above.
DSM 6.1 Important Upgrade to 6.2.1-23824-1 or above.
DSM 5.2 Important Upgrade to 6.2.1-23824-1 or above.
SkyNAS Important Will not fix.
VS960HD Important Will not fix.
SRM 1.1 Not affected N/A

Mitigation

If you need immediate assistance, please contact Synology technical support via https://account.synology.com/en-global/support.

Detail

Reserved

Reference

Revision

Revision Date Description
1 2018-08-15 Initial public release.
2 2019-12-17 Update for DSM 6.2, DSM 6.1 and DSM 5.2 are now available in Affected Products.