Zyxel security advisory for the Linux kernel TCP flaw

CVE: CVE-2018-5390

 

Summary

Zyxel products are not vulnerable to a newly reported TCP flaw in the Linux kernel.

 

What's the vulnerability?

The Linux kernel versions 4.9+ are vulnerable to denial of service conditions with low rates of specially modified packets.

 

What products are vulnerable?

None; we have examined all our products and confirmed that none of them are affected, either because they’re not Linux-based or are using non-vulnerable versions of the Linux kernel.

 

Got a question or a tipoff?

Please contact your local service rep for further information or assistance. If you’ve found a vulnerability, we want to work with you to fix it—contact  security@zyxel.com.tw and we’ll get right back to you.

 

Acknowledgment

Thanks to US-CERT Coordination Center for reporting this vulnerability to us.

 

Revision history

Initial release: 2018-08-10