Denial of Service Vulnerability in Linux Kernel TCP Input Handling

Denial of Service Vulnerability in Linux Kernel TCP Input Handling

CVE-2012-6638 · HIGH Severity

AV:N/AC:L/AU:N/C:N/I:N/A:C

The tcp_rcv_state_process function in net/ipv4/tcp_input.c in the Linux kernel before 3.2.24 allows remote attackers to cause a denial of service (kernel resource consumption) via a flood of SYN+FIN TCP packets, a different vulnerability than CVE-2012-2663.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.