CVE-2023-1206

Updated: 2024-01-11 19:20:34.906154

Description:

A hash collision flaw was found in the IPv6 connection lookup table in the Linux kernel’s IPv6 functionality when a user makes a new kind of SYN flood attack. A user located in the local network or with a high bandwidth connection can increase the CPU usage of the server that accepts IPV6 connections up to 95%.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x 0
CVSS Version 3.x MEDIUM 5.7

Status

OS name Project name Version Score Severity Status Errata Last updated
AlmaLinux 9.2 ESU kernel 5.14.0 5.7 MEDIUM Released CLSA-2024:1719231016 2024-06-24 10:19:31
AlmaLinux 9.2 FIPS kernel 5.14.0 5.7 MEDIUM Released CLSA-2024:1719241565 2024-06-24 11:28:12
CentOS 6 ELS kernel 2.6.32 5.7 MEDIUM Ignored 2023-07-13 05:04:46
CentOS 7 ELS kernel 3.10.0 5.7 MEDIUM Ignored 2023-09-19 05:07:19
CentOS 8.4 ELS kernel 4.18.0 5.7 MEDIUM Ignored 2024-06-24 11:35:13
CentOS 8.5 ELS kernel 4.18.0 5.7 MEDIUM Ignored 2024-06-24 11:35:13
CentOS Stream 8 ELS kernel 4.18.0 5.7 MEDIUM Ignored 2024-06-24 11:20:05
CloudLinux 6 ELS kernel 2.6.32 5.7 MEDIUM Ignored 2023-07-13 05:04:46
Oracle Linux 6 ELS kernel 2.6.32 5.7 MEDIUM Ignored 2023-07-13 09:09:17
Ubuntu 16.04 ELS linux-hwe 4.15.0 5.7 MEDIUM Released CLSA-2023:1697745029 2023-10-19 21:11:13
Total: 12