Lucene search
Redhat.comRH:CVE-2023-52881HistoryMay 29, 2024 - 12:25 p.m.
CVE-2023-52881
2024-05-2912:25:53
redhat.com
access.redhat.com
15
linux kernel
tcp spoofing
ghost acks
side channels
initial sequence number
tcp syn cookies
A flaw was found in the Linux kernel. Two TCP spoofing primitives exist where an attacker can brute force the server-chosen send window by acknowledging data that was never sent, called “ghost ACKs.” There are side channels that also allow the attacker to leak the otherwise secret server-chosen initial sequence number (ISN). One of these side channels leverages TCP SYN cookies.
Related
ubuntucve
ubuntucve
CVE-2023-52881
2024-05-29 00:00:00
cve
cve
CVE-2023-52881
2024-05-29 11:16:02
cvelist
cvelist
CVE-2023-52881 tcp: do not accept ACK of bytes we never sent
2024-05-29 10:15:14
nvd
nvd
CVE-2023-52881
2024-05-29 11:16:02
debiancve
debiancve
CVE-2023-52881
2024-05-29 11:16:02
amazon
amazon
Important: kernel
2024-01-03 22:37:00
Important: kernel
2024-01-03 21:04:00
nessus
nessus
Amazon Linux AMI : kernel (ALAS-2024-1899)
2024-01-09 00:00:00
Amazon Linux 2 : kernel (ALAS-2024-2391)
2024-01-09 00:00:00
Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2024-488)
2024-01-23 00:00:00