CVE-2023-1206

Updated: 2024-11-24 04:51:35.177702

Description:

A hash collision flaw was found in the IPv6 connection lookup table in the Linux kernel’s IPv6 functionality when a user makes a new kind of SYN flood attack. A user located in the local network or with a high bandwidth connection can increase the CPU usage of the server that accepts IPV6 connections up to 95%.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x 0
CVSS Version 3.x MEDIUM 5.7

Status

OS name Project name Version Score Severity Status Errata Last updated

Statement

AlmaLinux 9.2 ESU kernel 5.14.0 5.7 MEDIUM Released CLSA-2024:1719231016 2024-06-24 10:19:31
AlmaLinux 9.2 FIPS kernel 5.14.0 5.7 MEDIUM Released CLSA-2024:1719241565 2024-06-24 11:28:12
CentOS 6 ELS kernel 2.6.32 5.7 MEDIUM Ignored 2023-07-13 05:04:46
CentOS 7 ELS kernel 3.10.0 5.7 MEDIUM Ignored 2023-09-19 05:07:19
CentOS 8.4 ELS kernel 4.18.0 5.7 MEDIUM Ignored 2024-06-24 11:35:13
CentOS 8.5 ELS kernel 4.18.0 5.7 MEDIUM Ignored 2024-06-24 11:35:13
CentOS Stream 8 ELS kernel 4.18.0 5.7 MEDIUM Ignored 2024-06-24 11:20:05
CloudLinux 6 ELS kernel 2.6.32 5.7 MEDIUM Ignored 2023-07-13 05:04:46
CloudLinux 7 ELS kernel 3.10.0 5.7 MEDIUM Ignored 2024-10-03 10:52:00
Oracle Linux 6 ELS kernel 2.6.32 5.7 MEDIUM Ignored 2023-07-13 09:09:17
Total: 13