Linux Kernel CVE-2017-6214 Remote Denial of Service Vulnerability

by CIRT Team

Description: The tcp_splice_read function in net/ipv4/tcp.c in the Linux kernel before 4.9.11 allows remote attackers to cause a denial of service (infinite loop and soft lockup) via vectors involving a TCP packet with the URG flag.

Impact:  Attackers can exploit this issue to cause the kernel to enter into an infinite loop which may cause denial-of-service conditions.

Mitigation: Updates are available. Please see the references for more information.

Reference URL’s:

• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6214
• http://www.securityfocus.com/bid/96421/info
• https://access.redhat.com/security/cve/cve-2017-6214
• https://security-tracker.debian.org/tracker/CVE-2017-6214
• https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-6214.html
• https://www.suse.com/security/cve/CVE-2017-6214/

CIRT Team

Recommended Posts

Cyber Threat Alert: Surge in Attacks via Compromised Third-Party Service Providers

08 Feb 2024 - Articles, English articles, Security Advisories & Alerts

বাংলাদেশের আইটি কাঠামোয় তথ্য চুরির ম্যালওয়ারের বিস্তার সম্পর্কে সতর্কতা

18 Jan 2024 - Articles, Bangla Articles, News, Security Advisories & Alerts

সাইবার থ্রেট এলার্টঃ বাংলাদেশকে লক্ষ্য করে চলমান ফিশিং ক্যাম্পেইন

04 Jan 2024 - News, Security Advisories & Alerts