Bug 2175903 (CVE-2023-1206)

Summary: CVE-2023-1206 kernel: hash collisions in the IPv6 connection lookup table
Product: [Other] Security Response Reporter: Alex <allarkin>
Component: vulnerabilityAssignee: Nobody <nobody>
Status: NEW --- QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: unspecifiedCC: acaringi, allarkin, atenart, bhu, carnil, chwhite, dbohanno, ddepaula, debarbos, dfreiber, dvlasenk, ezulian, fhrbata, fmaurer, hkrzesin, jarod, jburrell, jdenham, jfaracco, jferlan, jforbes, jlelli, joe.lawrence, jshortt, jstancek, jwyatt, kcarcia, kernel-mgr, ldoskova, lgoncalv, lleshchi, lzampier, mleitner, nmurray, ptalbert, qzhao, rogbas, rrobaina, rvrbovsk, rysulliv, scweaver, sukulkar, swood, tyberry, vkumar, walters, wcosta, williams, wmealing, ycote, ymankad
Target Milestone: ---Keywords: Security
Target Release: ---Flags: carnil: needinfo? (allarkin)
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: kernel 6.5-rc1 Doc Type: If docs needed, set a value
Doc Text:
A hash collision flaw was found in the IPv6 connection lookup table in the Linux kernel’s IPv6 functionality when a user makes a new kind of SYN flood attack. A user located in the local network or with a high bandwidth connection can increase the CPU usage of the server that accepts IPV6 connections up to 95%.
 Story Points: ---
Clone Of: Environment:
Last Closed: Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 2176117, 2176118, 2176119, 2176120, 2217240    
Bug Blocks: 2174096    

Description Alex 2023-03-06 18:10:51 UTC 
A flaw in the Linux Kernel found in the Linux kernel’s networking stack which permits attackers to force hash collisions in the IPv6 connection lookup table. This results in a significant increase in the cost of
lookups, causing increased CPU utilization. This significant CPU usage increase in the Linux kernel subjected to a modified form of the classic IPv6 SYN-Flood. The actual impact of this issue may be a denial of service (due to heightened CPU usage) to hosts which can receive malicious IPv6 traffic.
Comment 8 Alex 2023-06-25 09:58:11 UTC 
Created kernel tracking bugs for this issue:

Affects: fedora-all [bug 2217240]
Comment 19 Salvatore Bonaccorso 2023-08-16 18:56:19 UTC 
Is https://git.kernel.org/linus/d11b0df7ddf1831f3e170972f43186dad520bfcc the fix for this issue? (which would be in 6.5-rc4)?