CVE-2017-5972
CVE-2017-5972
The TCP stack in the Linux kernel 3.x does not properly implement a SYN cookie protection mechanism for the case of a fast network connection, which allows remote attackers to cause a denial of service (CPU consumption) by sending many TCP SYN packets, as demonstrated by an attack against the kernel-3.10.0 package in CentOS Linux 7. NOTE: third parties have been unable to discern any relationship between the GitHub Engineering finding and the Trigemini.c attack code.
Affected products
n/a · n/apublic PoCs found — 3
cve_referencepacketstormsecurity.com/files/141083/CentOS7-Kernel-Denial-Of-Service.htmlunverifiedcve_referencewww.exploit-db.com/exploits/41350/unverifiedexploitdbwww.exploit-db.com/exploits/41350unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://access.redhat.com/security/cve/cve-2017-5972https://bugzilla.redhat.com/show_bug.cgi?id=1422081https://cxsecurity.com/issue/WLB-2017020112http://seclists.org/oss-sec/2017/q1/573https://githubengineering.com/syn-flood-mitigation-with-synsanity/https://packetstormsecurity.com/files/141083/CentOS7-Kernel-Denial-Of-Service.htmlhttps://security-tracker.debian.org/tracker/CVE-2017-5972https://www.exploit-db.com/exploits/41350/http://www.securityfocus.com/bid/96231