CVE-2023-1206
CVE-2023-1206
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 0.6%KEV nãoPoC —Nuclei —Metasploit —Patch referenciado
Lifecycle
30 Jun 2023Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
A hash collision flaw was found in the IPv6 connection lookup table in the Linux kernel’s IPv6 functionality when a user makes a new kind of SYN flood attack. A user located in the local network or with a high bandwidth connection can increase the CPU usage of the server that accepts IPV6 connections up to 95%.
Affected products
n/a · KernelReferences
https://bugzilla.redhat.com/show_bug.cgi?id=2175903https://lists.debian.org/debian-lts-announce/2023/10/msg00027.htmlhttps://lists.debian.org/debian-lts-announce/2024/01/msg00004.htmlhttps://security.netapp.com/advisory/ntap-20230929-0006/https://www.debian.org/security/2023/dsa-5480https://www.debian.org/security/2023/dsa-5492