2 matches found
CVE-2023-52881
A flaw was found in the Linux kernel. Two TCP spoofing primitives exist where an attacker can brute force the server-chosen send window by acknowledging data that was never sent, called "ghost ACKs." There are side channels that also allow the attacker to leak the otherwise secret server-chosen...
Linux: TCP SYN Cookies
Normally, a client sends a SYN to the server which responds and hold state information in the TCP stack. In a SYN flood, the generated SYN packets consume all available TCP memory leading the server to deny service. The TCP SYN cookie is a mechanism to resist such SYN flood attacks. This script...