logo
DATABASE RESOURCES PRICING ABOUT US

Kernel vulnerability CVE-2016-6828

Description

The tcp_check_send_head function in include/net/tcp.h in the Linux kernel before 4.7.5 does not properly maintain certain SACK state after a failed data copy, which allows local users to cause a denial of service (tcp_xmit_retransmit_queue use-after-free and system crash) via a crafted SACK option. ([CVE-2016-6828](<https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6828>)) Impact A local user may cause a denial-of-service (DoS) by way of a crafted SACK option.


Affected Software


CPE Name Name Version
big-iq centralized management 6.1.0
big-ip aam 13.0.1
big-ip afm 13.0.1
big-ip analytics 13.0.1
big-ip apm 13.0.1
big-ip asm 13.0.1
big-ip dns 13.0.1
big-ip gtm 13.0.1
big-ip link controller 13.0.1
big-ip ltm 13.0.1
big-ip pem 13.0.1
traffix sdc 5.1.0
enterprise manager 3.1.1
f5 websafe 1.0.0
f5 iworkflow 2.3.0
linerate 2.6.1
big-iq adc 6.1.0
big-iq cloud 6.1.0
big-iq cloud and orchestration 1.0.0
big-iq device 6.1.0
big-iq security 6.1.0
big-ip webaccelerator 13.0.1
big-ip psm 13.0.1
big-ip edge gateway 13.0.1
arx 6.4.0

Related