CVE-2023-1206

Updated: 2024-01-11 19:20:34.906154

Description:

A hash collision flaw was found in the IPv6 connection lookup table in the Linux kernel’s IPv6 functionality when a user makes a new kind of SYN flood attack. A user located in the local network or with a high bandwidth connection can increase the CPU usage of the server that accepts IPV6 connections up to 95%.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x 0
CVSS Version 3.x MEDIUM 5.7

Status

OS name Project name Version Score Severity Status Errata Last updated
AlmaLinux 9.2 ESU kernel 5.14.0 5.7 MEDIUM Ignored 2023-11-08 04:07:14
AlmaLinux 9.2 FIPS kernel 5.14.0 5.7 MEDIUM Ignored 2023-11-21 04:11:48
CentOS 6 ELS kernel 2.6.32 5.7 MEDIUM Ignored 2023-07-13 05:04:46
CentOS 8.4 ELS kernel 4.18.0 5.7 MEDIUM Ignored 2023-07-13 05:04:46
CentOS 8.5 ELS kernel 4.18.0 5.7 MEDIUM Ignored 2023-07-13 05:04:46
CloudLinux 6 ELS kernel 2.6.32 5.7 MEDIUM Ignored 2023-07-13 05:04:46
Oracle Linux 6 ELS kernel 2.6.32 5.7 MEDIUM Ignored 2023-07-13 09:09:17
Ubuntu 16.04 ELS linux-hwe 4.15.0 5.7 MEDIUM Released CLSA-2023:1697745029 2023-10-19 21:11:13
Ubuntu 16.04 ELS linux 4.4.0 5.7 MEDIUM Released CLSA-2023:1697744372 2023-10-19 21:11:09
Ubuntu 18.04 ELS linux 4.15.0 5.7 MEDIUM Released CLSA-2023:1697744683 2023-10-19 21:11:11