Description
OpenBSD kernel version <= 6.5 can be forced to create long chains of TCP SACK holes that cause very expensive calls to tcp_sack_option() for every incoming SACK packet, which can lead to a denial of service.
References
- Exploit, Vendor Advisory
- Patch, Third Party Advisory
- Exploit, Patch, Press/Media Coverage, Third Party Advisory
- Third Party Advisory
Vulnerable configurations
Configuration 1: versions up to and including 6.5
cpe:2.3:o:openbsd:openbsd:*:*:*:*:*:*:*:*
EPSS: 0.00688 (Low)
Percentile: 71%
CVSS3: 7.5 High
CVSS2: 5 Medium
Weaknesses
CWE-1049
NVD-CWE-Other
Related vulnerabilities
CVSS3: 7.5
github
more than 3 years ago
Reuven Plevinsky and Tal Vainshtein of Check Point Software Technologies Ltd. discovered that OpenBSD kernel (all versions, including 6.5) can be forced to create long chains of TCP SACK holes that cause very expensive calls to tcp_sack_option() for every incoming SACK packet which can lead to a denial of service.
CVSS3: 7.5
fstec
more than 6 years ago
Vulnerability in the tcp_sack_option() function of the OpenBSD operating system kernel that allows an attacker to cause a denial of service