4 matches found
Arista Networks EOS tcp_input Challenge ACKs Shared Counter Disclosure (SA0023)
The version of Arista Networks EOS running on the remote device is affected by a flaw in the Linux kernel implementation within file net/ipv4/tcpinput.c due to a failure to properly determine the rate of challenge ACK segments. An unauthenticated, remote attacker can exploit this issue to access...
Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2016-3595)
The remote Oracle Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2016-3595 advisory. - tcp: make challenge acks less predictable Eric Dumazet Orabug: 24010012 Orabug: 2401010 CVE-2016-5696 Tenable has extracted the preceding description bloc...
CVE-2016-2070
The tcpcwndreduction function in net/ipv4/tcpinput.c in the Linux kernel before 4.3.5 allows remote attackers to cause a denial of service divide-by-zero error and system crash via crafted TCP traffic...
CVE-2010-1188
CVE-2010-1188 details (mode C): A use-after-free in net/ipv4/tcp_input.c of the Linux kernel 2.6 prior to 2.6.20. When IPV6_RECVPKTINFO is set on a listening TCP socket, a SYN packet to a LISTEN socket can trigger the skb being freed improperly, allowing a remote attacker to cause a denial of ser...