Denial of Service Vulnerability in Linux Kernel TCP Splice Read Function

Denial of Service Vulnerability in Linux Kernel TCP Splice Read Function

CVE-2017-6214 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

The tcp_splice_read function in net/ipv4/tcp.c in the Linux kernel before 4.9.11 allows remote attackers to cause a denial of service (infinite loop and soft lockup) via vectors involving a TCP packet with the URG flag.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.