Denial of Service Vulnerability in Linux Kernel's tcp_disconnect Function

Denial of Service Vulnerability in Linux Kernel's tcp_disconnect Function

CVE-2017-14106 · MEDIUM Severity

AV:L/AC:L/AU:N/C:N/I:N/A:C

The tcp_disconnect function in net/ipv4/tcp.c in the Linux kernel before 4.12 allows local users to cause a denial of service (__tcp_select_window divide-by-zero error and system crash) by triggering a disconnect within a certain tcp_recvmsg code path.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.